Features and Functions

Proactive: Proactively searches for threats that evade network and system defenses, including threats that go undetected by existing security systems. The two primary goals of this service are to catch attacks earlier in the kill chain, before the attacker is able to complete their overall objective, and to identify and mitigate threat actors who may already be active, yet hidden, in the member’s network.

Collaborate and Coordinate: Collaborates with member security and incident response teams to assess full scope, impact, and severity in response to adverse events. Coordinates with other OmniSOC analysts and member security and incident response teams to ensure appropriate response to incidents.

Automation: Automates investigation and analysis using machine learning, visualization, correlation, scripting, and dashboards to make future threat hunting activities more efficient and more accurate.

Availability

This service is typically available during normal business hours, Monday through Friday. However, OmniSOC tier 2 analysts are on call 24x7x365 and will respond after hours as necessary.

Eligibility and Requirements

This advisory-level service is provided to all OmniSOC members as part of their annual membership fee.