The Cyber Security Operations domain within BlackWit delivers advanced security operational capabilities based on a build, operate and transfer model. For organizations that need their cyber operations transformed, BlackWit consulting services can turn potentially reactive security operations into something that is proactive and predictive.
BlackWit has been involved in designing and developing Cyber Security Operations Centers (CSOC) for many tier 1 organizations in the region. A CSOC is developed to ensure that cyber risks and attacks are monitored on an ongoing basis and not just during an incident. The people, process, technology and business contexts of CSOC development are all identified prior to the build phase. BlackWit has also contributed to the SOC CMM (Capability Maturity Model) assessment – an open source framework for assessing the current level of CSOC maturity across its various domains.
Organizations that want to transform cyber security operations can rely on BlackWit to deliver advanced advisory and consulting services. The development of a CSOC is distributed over the following categories, where our experts will develop a documentation library for the CSOC, ensure its application within the working and operating environment, measure the effectiveness of current practices where they exist, and provide the necessary roadmap to acquire solutions to support CSOC initiatives.
Cyber Security Operations
As part of CSOC development, the BlackWit team will conduct a network security architecture review, perform a threat modeling exercise across critical services and derive an attack surface analysis to identify the relevant use cases that need to be monitored and built into the SIEM platform.
The attack surface analysis and threat modeling are based on:
A core component of a CSOC nowadays is cyber threat intelligence. BlackWit can support you in building a Threat Intelligence Platform that is customized for the industry vertical you operate in. The threat intelligence received can be either commercial or open source and is integrated into the CSOC ecosystem.
Threat intelligence information can include Indicators of Compromise (IOC), Command and Control (C&C), Open Source Intelligence – Artefact Leakage, Email Accounts, Dark Web Crawling, Compromised Accounts, Digital Risks and Footprint. In some cases, we also offer brand reputation protection and takedown services.