Services

Total Cyberdefence

SOC Build

  • We can build a Security Operations Centre (SOC) including all processes, procedures and tooling
  • Similar to 0 to ATPL to diploma – (A training course which takes you from no flying to full commercial license in 18 months).
  • SOC build can include:
    • An evaluation of the current security environment.
    • A SOC from the ground up.
    • Creation of policies, procedures, metrics and reports for the SOC.
    • Recommend tools, policies or procedures which are required.

Security Consulting Service

  • With our customers, we are able to review and offer improvements to their security policy. We do this through:
    • Use case design and implementation.
    • Analysis of existing use cases within their security policy.
    • Design use cases to meet their targets.
    • Implement the use cases (rules and corresponding procedures) for the customer.
    • Rule tuning.
    • Review of existing SIEM environments to improve overall handling.
    • Reduce false positives.
    • Improve quality of security incidents detected.
    • Framework implementation and preparation.
    • We can work with our customers to support the preparation and implementation of cybersecurity frameworks such as:
      • MITRE ATT&CK
      • NIST
      • SANS
      • ISO27001
    • We can support implementation of these frameworks to improve overall security posture or to set organisational standards.

Software Consulting Service

  • We offer comprehensive security software consulting including:
    • Deployment planning.
    • Architecture review.
    • Installation and configuration of the software according to vendor standards and best practices.
    • Tuning of the software (QRadar and Resilient) according to vendor best practices.
    • Custom Support.
      • First and Second line support for various software products.
      • Perform remote support, troubleshooting, diagnosis and issue resolution.
      • Escalation of only defect related issues to the software vendor.
    • System health checks.
      • Aspects can include infrastructure, use cases, capacity planning and management or other areas.
      • Perform a check over a period of time (normally 3 – 5 days).
      • Produces an actionable report showing the results and remediation actions.

Training

  • We offer a wide range of custom training options through our Security Operations Practice.
  • These include product training offered for vendor products.
  • QRadar and Resilient at basic and advanced levels tailored to your needs.
  • Durations range from 3 to 5 days depending on the course requirements.
  • Custom training on use case design and development, security frameworks or SOC best practice.
  • Custom options are tailored to customer needs and developed for each customer individually.
  • This can range from 1 day workshops to 5 days hands on training.
  • Each of the topics below takes between one and two hours to review and is immediately available.
    • Intro to Tuning.
    • Log Source Management and tuning.
    • NBAD, DNS & Instrumentation.
    • Parsing Optimization.
    • Use Case Implementation.
    • Tuning False Positives.
    • Using QNI and DNS Analyzer.
    • Keeping QRadar Tuned And Healthy.
    • DSM Editor

Customised Services

  • Anhuret has trained a series of security professionals who are more than capable of supporting you in any SOC activities or security-related activities, such as:
    • Staff Augmentation.
    • Managed SOC services can be arranged for all levels of integration.
  • We support and actively aid in both sale and management of the MSSP.