Netia SOC (Security Operations Center)

Your company's ICT security around the clock

Minimize the risk of effective cyber attacks with ongoing monitoring of key elements of your company's ICT infrastructure and immediate response to emerging security incidents.

Constant cyber protection of your business
Our team of Security Operations Center (SOC) experts ensures that your business is secure around the clock, 365 days a year, through outsourced cybersecurity services.
Flexibility and scalability
We offer various models of cooperation in the field of cybersecurity outsourcing, including SIEM (Security Information and Event Management) systems based on the volume of traffic or the number of monitored sources. The service can be modified at any time in accordance with the changing needs and requirements of your company.
SLA guarantee
We provide a high level of Netia SOC (Security Operations Center) service in terms of failure handling and incident response time. The quality is confirmed by numerous security certifications, e.g. ISO 27001 (Information Security Management System), CISSP (Certified Information Systems Security Professional) and CEH (Certified Ethical Hacker).
Compliance assurance
We provide a high level of cybersecurity outsourcing services in the form of Netia SOC (Security Operations Center) in terms of failure handling and incident response time. The quality is confirmed by numerous security certifications, e.g. ISO 27001 (Information Security Management System), CISSP (Certified Information Systems Security Professional) and CEH (Certified Ethical Hacker).
Service automation
With Netia SOC (Security Operations Center), we provide effective incident analysis and handling processes and shorter response times to cybersecurity incidents by using a SOAR (Security Orchestration, Automation and Response) solution and ML (Machine Learning) mechanisms. All this translates into lower costs for the Security Operations Center outsourcing service.
Come and talk to us!
or call us at
+48 22 715 02 00
365/7/24 monitoring
ensuring quick detection and response to incidents
2 SIEM systems + 1 SOAR class system
 
Support of specialists
of security monitoring and incident response
Launching in a few days
the basic version of SOC monitoring
Call monitoring
incoming and lost
High availability
thanks to the redundancy of the solution
Extended reporting
depending on the needs
Service for links
regardless of supplier
Cybersecurity technologies
from leading manufacturers

24/7 security for your business

Netia Security Operations Center (SOC) monitors your company's cybersecurity around the clock and immediately responds to detected security incidents.

Netia SOC Services
Monitoring and handling of incidents
Incident analysis and classification
Management and configuration of security devices
Integration of security systems
Network scanning / Vulnerability tests
Security policies
Malware analysis
Post-breach analysis
Computer forensics
Building awareness
CTI (Cyber Threat Intelligence)
Threat Hunting
  • What threats does the SOC service protect against?

    The SOC (Security Operations Center) service does not itself protect against specific types of attacks (as firewalls, IPSs, WAFs or anti-DDoS systems do). However, thanks to constant security monitoring, it provides the ability to quickly identify certain gaps (anomalies), e.g. in terms of user behavior, network traffic, or application queries. As a result, in the event of a real incident, it is possible to react quickly and minimize the potential consequences of a cyberattack.
  • What mainly determines the price of the SOC – Security Operations Center service?

    The price of the SOC (Security Operations Center) service is influenced by several essential elements:
    •    the number of alerts generated by the SIEM system per day to be handled
    •    the number of confirmed security incidents per day to be mitigated
    •    the number of monitored sources
    •    the SIEM system (the client's vs. supplied by Netia)
    •    the amount of data (GB/day) or events per second (EPS) generated by sources to the SIEM system
    •    the time range of service provision (e.g. 24/7/365 vs. only monitoring outside working hours and on holidays)
    •    the service variant (full SOC vs. SOC Lite; monitoring vs. monitoring + incident handling)
    •    the SLA level
    •    the contract length
     
  • What are SIEM sources?

    The source is any element of the ICT infrastructure (including applications) that is able to generate and send a log - information about an event.
  • How does a SIEM system work?

    The SIEM system is the basic working tool of every SOC. This system collects logs from monitored sources, aggregates and normalizes them (standardizes them), and then, based on the rules implemented in it, it correlates logs. Based on these correlations, alerts are generated, which are then verified by a team of SOC analysts.
  • What does the work of specialists in the SOC (Security Operations Center) consist of?

    Employees of the first line of SOC support (SIEM analysts) pick up generated alarms in order to verify them. Most of the alarms that appear are false alarms; only some of them relate to real security incidents. If it is confirmed that an alarm was related to a security incident, a so-called ticket is set up to handle the incident properly, and a level of significance (criticality) is assigned. Incidents with the highest level of criticality (e.g. an ongoing data leak or a ransomware campaign) are handled with a higher priority than incidents such as a spam campaign or network scanning of the organization. In order to handle the incident, the SOC analyst often needs to obtain additional information, e.g. by delving into detailed data (logs) or by contacting the person responsible for security on the client's side.
    The simplest incidents are handled on the 1st line of SOC support. More advanced cases, however, require the support of the 2nd and 3rd lines of SOC.
    After the problem is solved (known as incident mitigation), the ticket is closed.
  • Is it possible to provide the service on a SIEM system owned by the Customer?

    Yes, we can provide the service in this model. We can work directly on the client's SIEM system or integrate it with Netia's SIEM systems.
  • What scenarios do we implement in the SIEM system?

    For smaller or less demanding clients, we usually implement a dozen or so generic correlation scenarios (e.g. network traffic anomalies, multiple failed logins). Their scope allows SOC monitoring to cover most of the most frequently occurring incidents. Currently, we have about 100 generic scenarios defined, ready for immediate implementation in the SIEM system.

    For larger entities, we prepare dedicated scenarios, taking into account the specificity of their industry, the size of employment, the size and complexity of the ICT infrastructure, as well as the specific needs and requirements of the client.
  • Can we include a provision in the contract with the client about the total security guarantee?

    No, there is no such thing as complete IT security. Cybercrime is becoming more and more professional, and the methods of carrying out attacks and the tools used in them keep evolving, which makes it more difficult to effectively protect against cyberattacks. The effectiveness of an attack depends on the attacker's time and financial capabilities, and there will always be a way to carry out such an attack.

    Each ICT security solution or service (including SOC) minimizes the risk of an attack and reduces the risk of its effectiveness, and consequently significantly reduces the risk of potential financial, image or legal losses.
  • In what form can you use professional services?

    There are 3 basic models for the provision of these services: - a one-time service (on demand, ad-hoc)
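
The SIEM flow described in the FAQ above (collect, normalize, correlate, alert), applied to the "multiple failed logins" scenario, as an added example that is not Netia's code or rule set. The two log formats, the field names, the threshold and the time window are assumptions, and the sample lines are constructed.

```python
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample logs from two hypothetical sources (not real data).
SSHD_LINES = [
    "2024-05-01T10:00:01 host1 sshd[811]: Failed password for root from 203.0.113.7 port 4101 ssh2",
    "2024-05-01T10:00:09 host1 sshd[811]: Failed password for admin from 203.0.113.7 port 4102 ssh2",
    "2024-05-01T10:00:15 host1 sshd[812]: Accepted password for alice from 198.51.100.4 port 5000 ssh2",
]
WEBAPP_LINES = [
    '{"ts": "2024-05-01T10:00:20", "event": "login_failed", "user": "admin", "ip": "203.0.113.7"}',
    '{"ts": "2024-05-01T10:00:31", "event": "login_failed", "user": "test", "ip": "203.0.113.7"}',
    '{"ts": "2024-05-01T10:00:40", "event": "login_ok", "user": "carol", "ip": "198.51.100.4"}',
]
SSHD_RE = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<res>Failed|Accepted) password for "
                     r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def normalize_sshd(line):
    """Map a syslog-style sshd line onto the common event schema."""
    m = SSHD_RE.match(line)
    if not m:
        return None  # unparsed lines are dropped by this sketch
    return {"ts": datetime.fromisoformat(m["ts"]), "source": "sshd", "user": m["user"],
            "src_ip": m["ip"], "outcome": "failure" if m["res"] == "Failed" else "success"}

def normalize_webapp(line):
    """Map a JSON application event onto the same schema."""
    e = json.loads(line)
    return {"ts": datetime.fromisoformat(e["ts"]), "source": "webapp", "user": e["user"],
            "src_ip": e["ip"], "outcome": "failure" if e["event"] == "login_failed" else "success"}

def correlate_failed_logins(events, threshold=4, window=timedelta(seconds=60)):
    """Alert once per source IP when `threshold` failures fall inside `window`."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["outcome"] != "failure":
            continue
        q = recent[ev["src_ip"]]
        q.append(ev)
        while ev["ts"] - q[0]["ts"] > window:  # slide the time window forward
            q.popleft()
        if len(q) >= threshold and ev["src_ip"] not in alerted:
            alerted.add(ev["src_ip"])
            alerts.append({"rule": "multiple_failed_logins", "src_ip": ev["src_ip"],
                           "count": len(q), "sources": sorted({e["source"] for e in q})})
    return alerts

def run_pipeline():
    events = [*map(normalize_sshd, SSHD_LINES), *map(normalize_webapp, WEBAPP_LINES)]
    return correlate_failed_logins([e for e in events if e])
```

Neither source alone reaches the threshold here; the alert fires only because normalization lets the rule count failures from both sources against the same source IP.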