
Security Operations Center - Microsoft Defender / ATP & Phishing

Overview

The client wanted to set up a SOC (Security Operations Center) to protect themselves against potential cybersecurity threats.

Additionally, they required Advanced Threat Protection, real-time alerts, advanced rules and policies, server and system patching, compliance management, and more. They also requested an interactive phishing awareness drive to assess and educate their workforce.

Problem Statement and Challenges

The client handles sensitive data which, if leaked, could have severe consequences for their business and for those affiliated with them. This is why they wanted to establish a SOC (Security Operations Center) within their network.

They wanted the environment hardened, with effective threat detection and remediation to guard vigilantly against any possible threat or attack.


Solution

After analysing the requirements, we started building the SOC environment. We began by integrating SIEM (Security Information and Event Management) with Microsoft Sentinel, and by enforcing Cisco policies for all users on the network.

The second step was to set up alerts for any potential leak, threat, or malicious behaviour on the network. We also configured an automated 'false positive' remediation mechanism using rules and reference sets.
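The rule-plus-reference-set idea described above, sketched as an added Python illustration (it is not the client's deployment and does not use any SIEM vendor's API): reference sets are named allowlists the SOC maintains, and each suppression rule matches alert fields against them; matched alerts are auto-closed with the rule name recorded so the suppression stays auditable. All set contents and alerts are constructed sample values.

```python
# Added illustration of rule-plus-reference-set false-positive handling.
# Reference-set contents and alerts below are constructed sample data.

# Reference sets: named allowlists maintained by the SOC (constructed values).
REFERENCE_SETS = {
    "approved_vuln_scanners": {"10.10.5.20", "10.10.5.21"},
    "approved_admin_accounts": {"svc-patching", "backup-admin"},
    "maintenance_window_utc_hours": set(range(1, 4)),  # 01:00-03:59 UTC
}

# Each predicate returns True only when the alert matches a known benign pattern.
def _is_authorised_scan(alert):
    return (alert["rule"] == "Port scan detected"
            and alert["src_ip"] in REFERENCE_SETS["approved_vuln_scanners"])

def _is_approved_admin_logon(alert):
    # Both the account AND the time window must match; a known admin account
    # logging on outside the window is still escalated to an analyst.
    return (alert["rule"] == "Privileged logon outside business hours"
            and alert["user"] in REFERENCE_SETS["approved_admin_accounts"]
            and alert["hour_utc"] in REFERENCE_SETS["maintenance_window_utc_hours"])

# Hypothetical rule identifiers; (name, predicate) pairs evaluated in order.
FP_RULES = [
    ("FP-001 authorised vulnerability scanner", _is_authorised_scan),
    ("FP-002 approved admin during maintenance window", _is_approved_admin_logon),
]

def triage(alerts):
    """Split alerts into (auto_closed, escalated). Auto-closed alerts carry the
    matched rule name as closed_reason so every suppression is traceable."""
    auto_closed, escalated = [], []
    for alert in alerts:
        reason = next((name for name, pred in FP_RULES if pred(alert)), None)
        if reason:
            auto_closed.append({**alert, "closed_reason": reason})
        else:
            escalated.append(alert)
    return auto_closed, escalated

# Constructed sample alerts as a SIEM might emit them.
SAMPLE_ALERTS = [
    {"id": 1, "rule": "Port scan detected", "src_ip": "10.10.5.20", "user": "", "hour_utc": 2},
    {"id": 2, "rule": "Port scan detected", "src_ip": "192.0.2.77", "user": "", "hour_utc": 2},
    {"id": 3, "rule": "Privileged logon outside business hours", "src_ip": "10.0.0.5", "user": "svc-patching", "hour_utc": 2},
    {"id": 4, "rule": "Privileged logon outside business hours", "src_ip": "10.0.0.5", "user": "svc-patching", "hour_utc": 14},
]

if __name__ == "__main__":
    closed, escalated = triage(SAMPLE_ALERTS)
    print("auto-closed:", [(a["id"], a["closed_reason"]) for a in closed])
    print("escalated:", [a["id"] for a in escalated])
```

Alerts 1 and 3 are auto-closed; alert 2 (unknown scanner) and alert 4 (approved account, but outside the maintenance window) are escalated.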

Next, we set up ITSM tools for handling change requests, alerts, incidents, and more. Alongside this, a broad set of rules and policies was enforced across the network to make it fail-safe against possible threats.

Moreover, regular interactive phishing awareness campaigns were run, which helped us educate the employee base and also assisted in assessing the current security posture.

We also conducted in-person drills and knowledge transfer sessions on potential harms, best practices, and other related information with the employee base.

  • Security Information and Event Management
  • Microsoft Sentinel
  • Cisco Policies
  • ITSM Tools
  • Automated 'False Positive' Remediation
  • Automated Alerts Against Threats
  • Advanced Threat Protection
  • Phishing Awareness Campaigns

Results and Success Criteria

With the help of the Security Operations Center that we configured, the client's network has become much more reliable and secure, ultimately positioning them as a trusted partner for potential business ventures seeking their services.

Additionally, the workforce has become more aware of common phishing tactics and how to avoid them, closing the vulnerabilities caused by human error.