Washington, D.C. – Symantec’s Alexandria, VA – based Security Operations Centre (SOC), is one of the company’s four SOCs located worldwide, whose primary objective is to provide its customers with bulletproof security.
In addition to its Alexandria SOC location, Symantec also has its SOCs in Chennai, India, Reading, England and Sydney, Australia. Grant Geyer, vice-president of global managed services for Symantec Corp., said its 800 customers receive 24/7 real-time monitoring, analysis and response actions against potential infrastructure threats from its dedicated team of analysts and security engineers.
“SOC works to detect and analyze network threats,” Geyer said. “Our customers can call in and in about 8.5 seconds, they’re connected and routed to the appropriate expert. This is what we call our high-touch model with our customers.”
Geyer says the Web has now become where the majority of malicious codes and attacks are originating from and vulnerabilities, or “cracks” in Web sites, he adds, are becoming ever more popular. In the case of site-specific vulnerabilities, he says social networking, online payment and auction sites are quickly becoming targets of specialized malware.
“Social networking Web sites are easy for criminals to spoof because these pages are generally trusted by users,” he said.
When it comes to phishing, the top three countries being targeted are the U.S., China and Romania, where social networking sites are the top type of site being phished. Canada, on the other hand, ranked in eighth place, where online portals were being phished instead. With the exponential growth of malware and malicious activity, Geyer says security companies eventually will have to move to a black and white-listing approach to better protect their customer and enterprise information.
To protect and service its customers, Symantec, Geyer said, offers its managed security services (MSS) in an a-la-carte type of fashion. These offerings include security monitoring, security management, DeepSight threat management system and vulnerability assessment services. Under that, Symantec also offers customers vulnerability data integration, log management, managed threat analysis and Bot aware security monitoring services.
“The key to successful monitoring is end to end protection,” Geyer said.“The crown jewel of our services offerings is the security monitoring element. Security management, DeepSight and our vulnerability assessment services are good add-on services,” he adds.
Once security incidents are discovered, Symantec will relay that information to its customers in a variety of ways, in addition to also providing next-step recommendations to them. These include e-mail notifications, details on a portal where the security incident and additional details are provided, and in the case of critical or emergency incidents, customers will receive verbal escalations, he explains.
“Our goal at SOC is that we always want our customers to be able to get in touch with a Symantec expert on the phone with no limitations,” Geyer said. “To show how secure SOC is, of the 17,000 employees we have worldwide, only 200 are given access to our centres.”