Managed 24/7 SOC

Managed security services for centralised monitoring of cybersecurity events and remediation of cyber threats. CyberSOC services are available on a 9/5 or 24/7 basis, depending on the client’s needs. With the 24/7 option, the threat monitoring time extends up to 4 times, as it includes non-working hours, weekends and public holidays. Whichever option you choose, cybersecurity analysts will actively analyse the incoming security events throughout the service using the most advanced technologies, assessing their criticality and impact on your IT infrastructure.

The set of CyberSOC services consists of 7 components:

1. Installing the necessary tools

The highest visibility in the CyberSOC services is achieved when three types of tools are used for event monitoring: SIEM, EDR/XDR and NDR. We will recommend tools based on your expectations and the specific needs of your organisation.

2. Logs and data flows analysis

Cybersecurity analysts identify alerts of potentially harmful or damaging events among the total traffic generated and report them to the appropriate staff members in your organisation, providing details of the potential threat and recommendations of best practices for your next steps.

3. MDR (Managed Detection and Response)

The MDR service is provided on the basis of the EDR/XDR/NDR tool your organisation has selected. We provide:

  • Maintenance and configuration of the tool,
  • Analysis of alerts regarding identified security events,
  • Actions to take to prevent threats if the tool does not carry this out automatically (if scenarios are agreed upon).

4. Threat hunting

Cyber threat hunting is the proactive identification of potential threats in your IT infrastructure. It is based on what we observe from our monitoring of all our customers, information from local and international cybersecurity centres, and analysis of the threat landscape at global, sectoral and national levels.

5. Vulnerability scanning

As part of our service, we will use world-class vulnerability scanners to help you identify vulnerabilities in your internal and external IT resources. We will then suggest options for remedial measures.

6. Investigation of a cyber incident

If an incident occurs, we will analyse all of the data related to the event to determine the cause, the attack chain and the damage caused.

7. Reporting

We will provide you with regular service reports (at an agreed periodicity), which will outline information about any incidents recorded during the reporting period and their status, the resources monitored, recommendations for improving the situation and any other information related to the provision of our service.

Why choose CyberSOC?

Competent team

The CyberSOC service is delivered by certified cybersecurity professionals.

Experience

We not only have a lot of experience in providing the service, but also have refined processes and working principles.

A broad view of threats

We have a large number of external SOC customers, so we have a broad view of threat trends and can identify and test potential vulnerabilities in an organisation’s IT infrastructure, even if no signs of an attack are visible.

Real analysts working 24/7

Throughout the service, security events are analysed in depth, with specific specialist expertise and a human understanding of threat trends and the IT infrastructure being monitored.

International experience

We are active participants in the Lithuanian cybersecurity ecosystem and international organisations. We contribute to the development of international standards. We are members of FIRST.org and TF-CSIRT.

Specialising in cybersecurity

NRD Cyber Security specialises in cybersecurity. As well as providing advice on how to prepare for incident management, we can also advise on other areas of security.

Questions about CyberSOC will be answered by

Augustinas Daukšas

Cybersecurity consultant | CEH, CISA, CISM

Eglė Mikelaitytė

Cybersecurity consultant

FAQ

What is a SOC?
The Security Operations Centre (SOC) is focused on identifying potential information security incidents by processing a sufficiently wide range of information security events and contextual data. Information security incidents may include cyber-attacks, hacking, data leaks and breaches of security policies. These tasks are most effectively performed by cybersecurity analysts using technology.
Why choose an external SOC?
What is a 24/7 SOC?
Why do you need a 24/7 SOC?
What does it take to build a 24/7 SOC?
What is the difference between SOC and MDR?

CyberSOC customer stories and related news

SOCShare: key cyber threats in Lithuania in December 2023
SOCshare: the start of 2024
CyberSOC managed SOC services in the Bank of Botswana

Report an incident:

If you experience a cybersecurity incident, you can report it by filling in the form or by sending an email to cirt@nrdcs.lt.

NRD CIRT was established in 2014 and is the first private cybersecurity incident investigation service in Lithuania. We help our clients to protect against, detect, respond to and mitigate cybersecurity incidents. NRD CIRT is a member of the international organisations FIRST.Org and Trusted Introducer.

Use PGP to ensure the confidentiality of the information you send:

RSA2048 0x0BE6C08E 2014/04/11 NRD CIRT cirt@nrdcs.lt
fingerprint = 36 7D 9A BB 30 1A E0 5C C1 06 F4 9C 11 54 3E 9E 0B E6 C0 8E

NRD CIRT description:

RFC 2350 document

PGP signature of the RFC2350 document