Constituent Information System, MISP, RTIR, OpenCTI, WordPress, IntelMQ, T-POT, Taranis, Elastic, Shuffle.
CyberSet
CyberSet is a CSIRT or SOC services automation toolkit. It works as a set of technologies and operational procedures, which provides CSIRTs and SOCs with typical service delivery capabilities, such as security monitoring and incident management. The toolkit enables cybersecurity teams to gain service delivery capabilities much faster and in a more structured manner than by developing them organically.
Here is a quick overview of what CyberSet is and how can it help CSIRTs and SOCs to start provide services easier and faster.
Typical CSIRT or SOC services areas enabled with CyberSet are:
Information security event management
Information security incident management
Vulnerability management
Situational awareness
Knowledge transfer
The key features and benefits of CyberSet toolkit:
Efficacy
Pre-made methods, procedures, blueprints, and roadmaps. With CyberSet it typically takes 6 months instead of 2 years to gain service delivery capabilities.
Cost-effectiveness
The design leverages open-source technology, providing optimal cost-effectiveness. This approach results in a reduced initial investment and minimises subsequent expenses, due largely to reduced licensing fees and a shorter learning curve for product proficiency.
Focus on main tasks
The cybersecurity team can concentrate on the primary duties of incident management rather than on technology and engineering and deployment tools.
Know-how
The toolkit has been developed and is delivered by experienced field experts who have implemented CSIRT and SOC projects all around the world for organisations of various scope, size, and complexity. All the tools have been tailored for CSIRT and SOC processes.
Enhanced maturity
The toolkit supports the specific requirements for SIM3-based certification and FIRST.org membership.
Increased knowledge
CyberSet comes with capacity building elements: transferring operational knowledge and handholding after the implementation.
Here is a CyberSet demo session.
Why CyberSet?
When setting-up a CSIRT or SOC, organisations are faced with alternatives for acquiring service delivery capabilities. This is how CyberSet compares to the “do it yourselve” alternative – in this case, the organisation decides to build and organise everything organically, taking care of the technology and operational procedures. However, the team responsible for this needs to have a lot of experience and knowledge of the technology, processes, as well as roles and responsibilities to make it work coherently, and with CyberSet you get all that.
