005-secure-shield
NSOC
24/7

NSOC  is our service provided by a competence centre that deals with continuous monitoring of the ICT infrastructure, event analysis, detection of security threats and responding to detected incidents. Team of highly qualified and experienced specialists – analysts and engineers monitor, detect and analyse incidents, taking actions per the correct procedures.

If your business involves...

Sensitive Personal Data Unique technologies and processes Data requiring constant access Large amounts of data Regulated Data Multiple safety devices or systemsR&D CentreInfrastructure serving the community Continous production
Operujesz na wrażliwych danych osobowych Posiadasz unikalne technologie Operujesz na ważnej infrastrukturze dla społeczności Zarządzasz unikalnymi procesami Posiadasz własne centrum badawczo rozwojowe Masz dużo klientów, dla których ważne są Twoje produkty lub usługi Przerwa w działaniu organizacji powoduje wymierne straty Przechowujesz duże ilości danych Operujesz danymi podlegającymi regulacjom Musisz utrzymać ciągłość produkcji Masz bardzo dużo urządzeń, systemów bezpieczeństwa Masz problem z zatrudnieniem inżynierów bezpieczeństwa IT
...then NASK SA Security Operations Center is right for you
THREE LINES OF SUPPORT

1
1st line of support
of NSOCC operators provides 24/7 security monitoring with rapid incident recording, initial analysis and immediate preventive action
2
2nd line of support
is qualified security analysts whose task is to conduct a thorough analysis of the incident. The following steps determine the causes and source and provide necessary information and recommendations on mitigating the threat.
3
3rd line of support
solves the most advanced problems and verifies the NSOC maturity level and compliance with internal regulations through periodic internal audits.
THE CENTRAL PART OF THE INFRASTRUCTURE
used by all NSOC lines is the SIEM class system. It enables unification, initial automatic classification, aggregation and correlation of information from security systems, network devices, computer systems and applications. NSOC prepares and makes available periodical reports. They contain a summary of the service, including registered alerts, incidents detected and handled by NSOC, and recommendations for improving the security of the protected infrastructure.

DOCUMENT RFC 2350

 

Contains full description of NASK SA SOC team, compliant with RFC 2350 "Expectations for Computer Security Incident Response".

We recommend communication via PGP encrypted channel; you need a valid public key to send an encrypted message.


NSOC'S AREAS OF OPERATION

EVENT MONITORING
Analytical systems check collected events and analyse them automatically. The next stage is a thorough diagnosis carried out by NASK SA cybersecurity experts

DETECTION

 
of events and incidents.

ASSESSMENT


of the occurring threat state and its impact on the IT client's system. NASK SA experts check the threat level and analyse whether it is not a false alarm.

RESPONSE


to events and incidents. After analysis, the NSOC takes action per the procedure.

PREVENTING


incidents from occurring through security audits and testing, along with finding and assessing vulnerabilities.
ACTIVE PROTECTION PROCESS

Collecting events, logs, alerts.
Automated detection, risk analysis, prioritisation, anomaly investigation.
Investigation.
Threat neutralisation.
Safeguarding against similar incidents in the future.
Zapraszamy do kontaktu

005-secure-shield nask logo
Witaj, strona NASK SA wykorzystuje pliki cookies do analityki (google analytics, facebook) na zasadach określonych w polityce prywatności.
Jeżeli nie wyrażasz na to zgody, prosimy Cię o wyłączenie obsługi cookies w przeglądarce lub opuszczenie strony.