OneCare - Security Monitoring
The goal of the Security Monitoring service is to prevent security attacks on the customer's IT, to continuously evaluate events in the customer's network with regard to their impact on cybersecurity, to preventively remove IT vulnerabilities, and to recognize in time that a security incident requiring resolution has occurred.
Service description
This service typically includes:
- monitoring security events and evaluating real security incidents in the customer's IT environment
The performance times for this service (SLA) are guaranteed by ALEF.
Who is the service for?
For all types and sizes of customers who do not have a team of cybersecurity experts capable of monitoring and evaluating security events occurring in their IT environment. The service is designed for customers who perceive cybersecurity risks and want to minimize them.
Main advantages of the service
The service is performed by the ALEF SOC (Security Operations Centre) team.
We can extend the service with Security Incident Response - analysis and resolution of security incidents in the customer's IT environment.
We can extend the service with ALEF TNS (Technology Notification Service) - regular preventive information about new vulnerabilities in the communication and system infrastructure of devices operating in the customer's IT environment.
We can extend the service with the Security Scan module - regular scanning of the customer's communication and system infrastructure once a quarter (more frequent scanning periods can be agreed) and providing information about vulnerabilities and recommendations for their removal.
We can extend the service with the Malware Sandbox module, which is the provision of a sandbox for analyzing malicious code found on the customer's network. The Sandbox is a tool to supplement analytical capabilities when responding to incidents related to unknown malware.
How is the implementation done?
- We provide the service in 24x7 or 8x5 mode with a response time of 30 minutes.
- The 8x5 service mode is designed for customers who do not need to perform real-time security monitoring and are fully satisfied with feedback information about identified events/incidents.