At the RSA Security conference in San Francisco, RSA, the security division of EMC released its NextGen Security Operations Centre (SOC) services.
The services have been designed to help organizations establish the core foundations for security operations while integrating newly released security analytics, threat intelligence, incident response and asset criticality capabilities. This transformation of the SOC can help organizations respond faster and more efficiently to attacks, reduce breach exposure times and develop more predictive defense capabilities, RSA said in a statement.
For the channel, the RSA NextGen SOC services will give them the ability to offer customers access to a deep bench of highly trained security practitioners with real-world experience in cyber defense who are capable of fulfilling SOC requirements specifically tailored to each organization’s unique needs.
These services are designed to establish the organizational foundation required to prepare for, discover and respond to threats in an agile, methodical and repeatable approach that reduces risk and business impact of incidents.
According to RSA, the NextGen SOC services are designed to deliver customers a repeatable and sustainable service delivery framework that can enable organizations to transform current state reactive security programs into a predictive, intelligence-driven Advanced SOC. The services are engineered to ultimately deliver a program for organizations to leverage actionable data that can be presented in a unified method to aid security analysts and operators to make real-time decisions on incidents to help minimize impact to their organization.
RSA added that IT infrastructures and threats have evolved, driven by cloud, mobility and the hyper-connectivity of data centres, and are leaving organizations struggling with tools, processes and skills designed to defend a non-existent perimeter. To be fully prepared for the advanced nature and proliferation of future threats, organizations are starting to take action now to revamp their SOC and incorporate newly released advanced security analytics, intelligence and risk assessment tools on top of traditional security controls for defense in depth.
RSA’s approach here is intended to help facilitate actionable intelligence for security teams by focusing on key technical and operational areas including:
Aggregation and analysis of threat intelligence data;
Correlation of content intelligence data throughout the organization;
Deployment of solutions that provide advanced analytic intelligence capabilities; and
Development of security operations processes and procedures and the automation of related workflows.