Security Operation Center (SOC)

In early 2014, LENTICE released another strategic information security service: the Security Operation Center (SOC). Our SOC is uniquely designed to comprehensively map an organization's critical assets, evaluate the security posture of those assets, and build threat monitoring systems that enable the SOC team to rapidly detect, analyze and respond to real security attacks.

The LENTICE SOC approach is able to analyze thousands of events per second, differentiate real attacks from false positives, perform impact analysis and, finally, label each incident accurately.

The LENTICE SOC uses a SIEM tool to collect and consolidate security events. We can leverage your existing SIEM tools or deploy a new one. Security Information & Event Management (SIEM) is a powerful system for detecting attacks hidden among thousands of log events per second. SIEM does this by:

  • Collecting and consolidating logs from various systems (e.g. Firewall, IPS, Anti Malware, VPN, UNIX, Windows, Linux, Applications, Database, etc.)
  • Normalizing logs into a single format
  • Enriching normalized events with critical risk management information
  • Correlating events to detect attacks
  • Alerting the security team on detected attacks
  • Storing attack event data and generating historical event reports
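
The normalize, enrich and correlate stages listed above can be sketched in a few lines of Python. This is an added example, not LENTICE's tooling or any SIEM product's code; the two log formats, the `ASSETS` table, the rule name and the thresholds are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

ASSETS = {"db01": 5, "vpn01": 3}  # hypothetical asset inventory, criticality 1-5
RAW = [  # constructed sample logs in two source formats (syslog sshd, key=value VPN)
    "2014-03-01T10:00:01 db01 sshd[811]: Failed password for root from 203.0.113.7 port 4022",
    "2014-03-01T10:00:03 db01 sshd[811]: Failed password for root from 203.0.113.7 port 4023",
    "ts=2014-03-01T10:00:04 host=vpn01 result=fail user=alice ip=198.51.100.4",
    "2014-03-01T10:00:06 db01 sshd[811]: Failed password for root from 203.0.113.7 port 4024",
    "2014-03-01T10:00:09 db01 sshd[811]: Accepted password for root from 203.0.113.7 port 4025",
]
SSHD = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+)")


def normalize(line):
    """Map either source format onto one schema; return None if unparsed."""
    m = SSHD.match(line)
    if m:
        ts, host, verdict, user, src = m.groups()
        ok = verdict == "Accepted"
    elif line.startswith("ts="):
        kv = dict(p.split("=", 1) for p in line.split())
        ts, host, user, src = kv["ts"], kv["host"], kv["user"], kv["ip"]
        ok = kv["result"] == "ok"
    else:
        return None
    return {"ts": datetime.fromisoformat(ts), "host": host, "user": user, "src": src, "ok": ok}


def enrich(event):
    """Attach asset criticality; unknown hosts get the lowest score."""
    return {**event, "criticality": ASSETS.get(event["host"], 1)}


def correlate(events, threshold=3, window=timedelta(seconds=60)):
    """Alert when a success follows >= threshold recent failures (same src and host)."""
    fails, alerts = defaultdict(list), []
    for e in sorted(events, key=lambda e: e["ts"]):
        key = (e["src"], e["host"])
        recent = [t for t in fails[key] if e["ts"] - t <= window]
        if not e["ok"]:
            fails[key] = recent + [e["ts"]]
            continue
        if len(recent) >= threshold:
            alerts.append({"rule": "bruteforce_then_success", "src": e["src"], "host": e["host"],
                           "user": e["user"], "severity": e["criticality"], "failures": len(recent)})
        fails[key] = []
    return alerts


def run_pipeline(lines):
    return correlate([enrich(e) for e in map(normalize, lines) if e])
```

Calling `run_pipeline(RAW)` yields a single alert for the `db01` login sequence, with its severity taken from the asset table; the lone VPN failure raises nothing.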

The LENTICE SOC fully utilizes LENTICE Security Life-cycle Management (SLM) to effectively record and handle reported security incidents. With the SLM applications, no incident is left unattended. Every incident is analyzed to find the root cause, how to respond effectively, and the proper countermeasure to prevent the same incident from happening again in the future.

Our SOC provides the following services to our customers:

  • 24/7 Security incident handling
  • Continuous vulnerability management
  • Application penetration testing
  • Security awareness program

For more information, please contact us at