The security operation services offered by Ackcent integrate intelligence on cybersecurity threats with the monitoring and early management of alerts by a team of experts located at our cybersecurity centres in Spain and Mexico.
Ackcent’s Security Operations Center (SOC) provides the following services on a 24/7 basis:
- Proactive services for the prevention of security incidents:
- Continuous threat monitoring.
- Continuous monitoring and vulnerability alerts for critical digital assets.
- Advanced support for the resolution of vulnerabilities.
- Consulting for security policies and architecture.
- Services for the real-time monitoring, detection and analysis of incidents based on:
- Log collection systems, correlation and filtering of security alerts.
- Detailed analyses of detected alerts.
- The continuous transfer of knowledge and of the metrics and indicators relating to the levels of exposure of the digital assets monitored.
- Remote response to incidents based on the coordination of resources and the rapid application of security countermeasures.
Ackcent’s SOC services include the monitoring of digital assets based on public services in the Cloud.
Continuous vulnerability assessment
The management of the risks associated with critical information systems involves the continuous assessment of their weaknesses and the application of corrective measures to minimize the degree of exposure of their vulnerabilities.
Ackcent has at its disposal a continuous vulnerability service that is designed to take advantage of the best tools on the market, combined with the expertise of top specialists in order to provide the continuous assessment of the vulnerabilities of the client’s critical digital systems.
Ackcent’s continuous vulnerability assessment service provides the following advantages, among others:
- Periodic audits of the vulnerabilities of the client’s information systems with the best vulnerability assessment tools available on the market..
- The provision of unified, personalised vulnerability reports.
- Real-time processing and correlation of vulnerabilities with known threats and exploits.
- Filtering and prioritization of alerts and vulnerabilities for critical assets tailored to the client’s infrastructure.
- The minimization of the windows of exposure of information systems by enhancing the speed of security updates.
- A focus on the technological management area with the aid of the know-how of Ackcent’s experts in the management of vulnerabilities.
Ackcent’s security monitoring services include the continuous monitoring, detection and assessment of potential incidents that could affect the digital assets defined as critical in the scope of the service, based on the assessment of detected alerts on a real-time, 24/7 basis.
Among other functions, Ackcent’s monitoring services include:
- The initial definition of security alerts based on the personalised requirements of the critical digital assets of each client.
- Setting up the monitoring service’s action procedures together with the client: alerts, incidents, change management, notification procedures, incident management, etc.
- The monitoring, detection and assessment of potential incidents in real time based on:
- The operations of systems for the collection and correlation of logs and the filtering of security alerts.
- Assessment of the alerts generated by the network’s security elements.
- The continuous transfer to the client of information relating to the levels of exposure of the digital assets monitored.
- Dashboards and continuous reporting of security monitoring service metrics through Ackcent’s own portal.
Ackcent’s CERT/CSIRT (Computer Emergency Response Team/Computer Security Incident Response Team) services provide clients with the capabilities and competences needed to manage the security incidents that could affect their information systems.
Ackcent can offer to the client the benefits of our extensive experience in responding to security incidents through the specialised assessment and continuous support offered by our team of experts in order to provide a rapid response to cybersecurity management incidents.
Our incident response service includes a preliminary assessment service which, among others, includes the following phases at the provision level:
- The identification and cataloguing of possible incidents and their characteristics.
- A personalised status analysis (scope, impact, risks) of each client’s critical digital assets.
- The generation of contention, resolution and recovery protocols.
- Knowledge transfer and coordination between the parties involved.
- Recommendations for enhancing system security.
Ackcent’s internal CERT processes are in line with the best international practices for security incident management, in particular with the model defined by the Software Engineering Institute of Carnegie Mellon University (CMU/SEI) for Incident Management processes (CMU/SEI-2004-TR-015).
Ackcent’s SOC holds ISO 27000, ISO 20000 and CERT certifications and is a member of the Forum of Incident Response and Security Teams, a body that brings together the world’s main incident response teams.