Trafford

xSOC

Cyber threats are constantly evolving, which is why organizations need to invest in new technologies and expand teams of specialists. To increase the efficiency of incident handling, it is worth implementing automation and using advanced security services.

Trafford xSOC offers services that can be divided into two main areas: MDR (Managed Detection and Response) and ASO (Advanced Security Operations).

  • Managed Detection and Response (MDR)

    MDR is a service that includes review, analysis and verification of events in EDR/XDR and SIEM class systems.

● Analysis of system logs, from network devices and network security systems, to determine a detailed chain of events
● Preparation of incident response scenarios at the process and technical levels
● Development of sets of correlation rules and/or sets of IOC/IOA indicators (indicator of compromise/indicator of attack) for your security systems
● Creation of playbooks enabling automation of the incident handling process in SOAR systems

  • Advanced Security Operations (ASO)

Investigative analysis

● Security incident analysis
● Post-breach analysis
● Digital evidence protection
● Malware analysis

Threat Intelligence Threat Landscape

● Analysis and exchange of information on threats
● Current data on threats and vulnerabilities.
● Identification of cybercriminals, the so-called Threat Landscape
● Development and implementation of playbooks in SOAR class systems
● Partial automation of the incident handling process

Threat Hunting

● Proactive threat hunting
● "Threat hunting" in the target environment
● Consideration of TTP, IOC/IOA indicators
● Analysis of events and network traffic based on

Incident Response

● Analysis of the environment and architecture
● Verification of security systems in terms of implementation of Incident Response processes.
● Reconfiguration and development of existing security tools and services

  • Additional services

    As part of ASO, two additional services are also offered related to reverse engineering and assessment and verification of the maturity of monitoring and response teams (SOC/CSIRT/CERT).

    The second element of Trafford xSOC additional services is the analysis of the operation and maturity of the existing or currently built SOC/CSIRT/CERT team. After verifying the existing structure of the team responsible for monitoring, responding and handling security incidents and analyzing the adopted assumptions and concepts of operation of this team, our Experts provide:

● Analysis and verification of the SOC team's main security tools environment based on the MITRE ATT&CK SOC Assessments methodology, as well as technical verification using the Continuous Security Validation system
● Support in building/expanding teams responsible for monitoring
● Verification of documentation and procedures in line with international best practices and support in developing work standards
● Support in optimizing event/incident handling time

Do you want to report an incident?

Message structure
  • contact details (first and last name, and the name and address of the organization),
  • e-mail address,
  • telephone number,
  • description of the incident's impact,
  • incident details (system)
To keep the data confidential, please use PGP:

Report an incident

    Provide your contact details

    Provide the details of the organization in which the incident occurred

    Describe the details of the incident

    How did the incident affect the operation of the organization?

    What information has been gathered and what actions have been taken so far?

    Provide the relevant technical details

    The controller of personal data is Trafford IT Sp. z o.o. Sp.k, with its registered office in Warsaw. We process personal data in order to record communication and provide support within the time and at the quality expected under the xSOC service (Art. 6(1)(f) GDPR). Details on the processing of your data can be found in the Privacy Policy at: www.trafford.pl/polityka-prywatnosci
