From our Security Operations Center in Mumbai, we offer managed security services delivered remotely, onsite, or as a combination of the two. The level of service ranges from periodic log analysis up to 24/7 monitoring of your systems with a Security Information Management (SIM) solution. We support an extensive list of security devices and systems and offer options ranging from open-source tools to enterprise products such as RSA Security Analytics and HP ArcSight. Our trained and experienced engineers can get your Security Operations Center up and running in a matter of weeks.

Our security monitoring analysts hold GCIA and GCFA certifications, giving them the capability to analyze incidents, weed out false positives, and respond appropriately to critical events. Combined with a dedicated Threat & Vulnerability Intelligence Unit (TVIU), we provide BlueScopes that go well beyond publicly available Indicators of Compromise (IOCs).

Network Security Monitoring service
As part of Network Security Monitoring we will help you:

  • Identify your critical information assets
  • Measure your current network security effectiveness
  • Implement Managed Security Monitoring
  • Commence 24x7 Real-time Information Security Monitoring of your network
  • Secure your network with real-time countermeasures
Incident Response
  • Classify incidents
  • Triage incidents
  • Inform your relevant teams with actionable intelligence
  • Work with your IT teams to contain the incident, respond to it, and prevent recurrence of similar breaches in the future
Anti-Phishing and Malware Monitoring
  • 24x7 monitoring and detection of phishing and pharming attacks through
    • Proactive detection that monitors domain registrations, ISPs' email accounts, reverse WHOIS databases, global forums, industry phish reports, DNS poisoning and more
    • Abuse-mail box Monitoring Service (customer-to-vendor feed)
    • Web Logs Monitoring Service (customer-to-vendor feed)
  • Prevent & respond to phishing and pharming attacks by
    • Shutdown of identified phishing websites
    • Shutdown of identified phishing email accounts
    • Shutdown of identified pharming attacks
    • Counter-measures service to feed dummy data to fraudsters
    • Feeding phishing site URL to anti-spam / anti-virus vendors, leading browser vendors, & URL filtering vendors
    • Fraudster Tracking - Phish tagging, Automated submission of tracking credentials
    • 24x7 brand abuse monitoring
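The domain-registration monitoring described above boils down to comparing every newly registered domain against the brands being protected, after undoing the tricks fraudsters use to make a lookalike read like the real name (digit and letter-pair substitutions, Cyrillic homoglyphs hidden behind punycode, brand-plus-keyword labels). The following Python is an added example written for this page, not the vendor's own tooling; the brand names, the confusable table, the multi-part suffix list and the registration feed are all constructed for the demonstration, and a real deployment would use the full Public Suffix List and a larger confusable table.

```python
"""Lookalike-domain triage over a constructed feed of newly registered domains."""
import unicodedata

# Constructed for this example: the customer's registrable brand label and its own domains.
PROTECTED_BRANDS = ["examplebank"]
OWN_DOMAINS = {"examplebank.com", "examplebank.in"}

# Multi-character and digit substitutions that read like the target letter. Constructed subset.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l"),
               ("3", "e"), ("5", "s"), ("7", "t"), ("8", "b")]
# Cyrillic letters that render identically to Latin a e o p c x y. Constructed subset.
CYRILLIC_TO_LATIN = str.maketrans("аеорсху", "aeopcxy")
# Two-label public suffixes handled by this demo; a real system uses the Public Suffix List.
MULTI_PART_SUFFIXES = {"co.in", "co.uk", "com.au"}


def to_unicode(domain):
    """Decode xn-- (punycode) labels so homoglyphs can be compared; pass Unicode input through."""
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain


def registrable_label(domain):
    """Label directly under the public suffix: 'examplebank-login.co.in' -> 'examplebank-login'."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) >= 3 and ".".join(parts[-2:]) in MULTI_PART_SUFFIXES:
        return parts[-3]
    return parts[-2] if len(parts) >= 2 else parts[0]


def skeleton(label):
    """Canonical form: lowercase, accents folded, homoglyphs and confusables mapped, separators dropped."""
    s = unicodedata.normalize("NFKD", label.lower())
    s = "".join(c for c in s if not unicodedata.combining(c))
    s = s.translate(CYRILLIC_TO_LATIN)
    for src, dst in CONFUSABLES:
        s = s.replace(src, dst)
    return s.replace("-", "").replace("_", "")


def levenshtein(a, b):
    """Plain edit distance, used to catch typosquats that survive skeletonization."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return (verdict, reason) for one newly registered domain."""
    decoded = to_unicode(domain)
    if decoded.lower() in OWN_DOMAINS:
        return "own", "customer-owned domain"
    sk = skeleton(registrable_label(decoded))
    for brand in PROTECTED_BRANDS:
        brand_sk = skeleton(brand)
        if sk == brand_sk:
            return "high", f"{decoded} skeletonizes to {brand} (homoglyph/confusable)"
        if brand_sk in sk:
            return "high", f"{decoded} embeds {brand} with extra keywords"
        d = levenshtein(sk, brand_sk)
        if len(brand_sk) >= 6 and d <= 2:
            return "medium", f"{decoded} is {d} edit(s) from {brand} (typosquat)"
    return "none", ""


def triage(feed):
    """Classify a whole registration feed; returns (domain, verdict, reason) with hits first."""
    order = {"high": 0, "medium": 1, "own": 2, "none": 3}
    rows = [(d,) + classify(d) for d in feed]
    return sorted(rows, key=lambda r: order[r[1]])


# Constructed sample feed; the Cyrillic-а entry is punycode-encoded to exercise the xn-- path.
SAMPLE_FEED = [
    "examplebank.com",
    "exarnplebank.com",
    "examplebаnk.com".encode("idna").decode("ascii"),
    "examplebank-login.co.in",
    "exampelbank.net",
    "exampleblog.com",
    "mybank.org",
]

if __name__ == "__main__":
    for domain, verdict, reason in triage(SAMPLE_FEED):
        print(f"{verdict:6} {domain:40} {reason}")
```

Anything rated high is a candidate for the takedown and vendor-feed steps listed above; medium hits go to an analyst, since edit distance alone produces false positives on short or generic brand names (hence the length guard).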
On-demand or Scheduled Vulnerability Scanning
Our custom-built vulnerability management portal allows you to select your assets, choose the frequency and intensity of scanning, and ensure that your public-facing IP addresses are checked regularly for vulnerabilities. The portal also lets you track issues, mark them as fixed, or flag individual findings as false positives.

Security Device Management
We have engineers trained and qualified on a wide variety of security solutions from Cisco, Fortinet, Checkpoint, Palo Alto, Tipping Point, IBM Proventia, Juniper, etc.
  • Configuration and reconfiguration management, version upgrades and updates, secure configuration and patch management of the assets in scope, including firmware, OS and installed software.
  • Day-to-day administration of the assets in scope.
  • Follow the change management process.
  • System and configuration backup management
  • Firewall and IDS / IPS Signature Updates.
  • Changes to system alerts, monitoring, and logging functions
  • Rule base Management - Firewall & IDS.
    • Risk Assessment of Desired Changes
    • Regular Firewall rule-base Addition, Deletion, Modification to allow/disable network access
    • Regular IDS/IPS rule-base changes to mitigate vulnerabilities
    • Rule-base changes to mitigate security incidents reported by the SIEM tool
    • Documentation and configuration of the rule base
  • Periodic review of policies and recommendations to ensure best possible security posture & efficiency
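The "risk assessment of desired changes" step in rule-base management is easy to automate for the common failure modes: a proposed allow rule that opens management ports on internal hosts to an untrusted source, a rule with no port restriction, an any/any rule, and a change submitted without a ticket or expiry. The Python below is an added example for this page, not the vendor's tooling or any firewall vendor's API; the internal ranges, the admin-port table and the proposed changes are all constructed, and the rule format is a hypothetical dictionary rather than any product's export format.

```python
"""Risk-score proposed firewall rule changes before they go through change management."""
from ipaddress import ip_network

# Constructed for this example: the customer's internal address space and the
# management/database ports that must never be reachable from outside it.
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]
ADMIN_PORTS = {22: "ssh", 23: "telnet", 135: "msrpc", 445: "smb",
               1433: "mssql", 3306: "mysql", 3389: "rdp", 5985: "winrm"}
LEVELS = ["routine", "low", "medium", "high", "critical"]


def is_internal(net):
    """True when the whole network lies inside one of the internal ranges."""
    return any(net.subnet_of(i) for i in INTERNAL_NETS)


def exposed_admin(ports):
    """Names of admin services reachable through a port list ('any' means all of them)."""
    if ports == "any":
        return set(ADMIN_PORTS.values())
    return {ADMIN_PORTS[p] for p in ports if p in ADMIN_PORTS}


def assess_change(rule):
    """Score one proposed rule. Returns (overall_level, [(level, finding), ...])."""
    findings = []
    src = None if rule["src"] == "any" else ip_network(rule["src"], strict=False)
    dst = None if rule["dst"] == "any" else ip_network(rule["dst"], strict=False)
    ports = rule["dports"]
    src_trusted = src is not None and is_internal(src)
    dst_internal = dst is not None and is_internal(dst)

    if rule.get("action", "allow") == "allow":
        if src is None and dst is None and ports == "any":
            findings.append(("critical", "permits any source to any destination on any port"))
        admin = exposed_admin(ports)
        if not src_trusted and dst_internal and admin:
            findings.append(("critical", f"exposes {', '.join(sorted(admin))} on {dst} "
                                         f"to untrusted source {rule['src']}"))
        if ports == "any" and not (src is None and dst is None):
            findings.append(("high", "no port restriction; scope the rule to the required service ports"))
        if src is not None and src.prefixlen < 16 and dst_internal:
            findings.append(("medium", f"broad source {src} for an internal destination"))
    if not rule.get("ticket"):
        findings.append(("high", "no change-management ticket referenced"))
    if not rule.get("expires"):
        findings.append(("low", "no expiry; permanent rules need periodic re-certification"))

    overall = max((lvl for lvl, _ in findings), key=LEVELS.index, default="routine")
    return overall, findings


# Constructed change requests. Hypothetical ticket numbers and dates.
PROPOSED_CHANGES = [
    {"id": "A", "action": "allow", "src": "203.0.113.0/24", "dst": "10.0.5.10/32",
     "dports": [443], "ticket": "CHG-1042", "expires": "2025-12-31"},
    {"id": "B", "action": "allow", "src": "any", "dst": "10.0.5.20/32",
     "dports": [3389], "ticket": "CHG-1043", "expires": "2025-12-31"},
    {"id": "C", "action": "allow", "src": "10.20.0.0/16", "dst": "10.0.0.0/8",
     "dports": "any", "ticket": "", "expires": "2025-12-31"},
    {"id": "D", "action": "allow", "src": "any", "dst": "any",
     "dports": "any", "ticket": "CHG-1050", "expires": ""},
]

if __name__ == "__main__":
    for change in PROPOSED_CHANGES:
        level, findings = assess_change(change)
        print(f"change {change['id']}: {level}")
        for lvl, text in findings:
            print(f"    [{lvl}] {text}")
```

Anything scored critical is rejected outright; high and medium findings go back to the requester with the specific line to fix, which keeps the risk-assessment step consistent between engineers and gives the change record a written justification.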
Security Operations Center
Design and implement a security operations center for network and security management, including physical layout, technology deployment, manpower resourcing and training.

Security Implementation
Designing a secure network architecture, by determining threats, isolating secure and insecure elements, and deploying network segregation and attack monitoring solutions. Implement essential security controls such as proper Active Directory design, Anti-virus deployment, VLAN configuration, and hardening of servers and network components.

System Hardening
Systems hardening is the process of identifying the assets that are critical to the company, evaluating each asset's current security configuration, understanding the applications that depend on the infrastructure and their constraints, as well as the constraints of the network architecture, and then applying appropriate hardening guidelines to all critical resources.

Product Provisioning
Determine the right security technologies to be deployed, and aid procurement and deployment of these. Our expertise includes firewalls, intrusion prevention systems, UTMs, SSL VPNs, anti-virus, and security assessment software.
