We combine technical attacks with an in-depth organisational analysis and show you the maturity, effectiveness and detection rate of your SOC, as well as areas for improvement.
Phase 1: Technical effectiveness
In an extended penetration test, we put your SOC to the test based on a script with realistic attack scenarios. We check:
- Which attack attempts are reliably detected
- Where gaps exist in logging and detection mechanisms
- Whether and how the reaction mechanisms and automated responses work
We provide an overview of the detection rate and specific recommendations for enhancements in logging, monitoring and alerting, so that your SOC can effectively detect the tactics, techniques and procedures (TTPs) used in current cyberattacks.
Phase 2: Organisational effectiveness
In a second phase, we examine the organisational framework of your SOC:
- SOC organisational structure: analyst tiers, escalation levels, roles, processes and procedures
- Incident response process
- Runbooks, playbooks and documentation standards
- SOC maturity and standards compliance
Your benefit:
Our SOC effectiveness assessment provides you with a 360° view of the efficiency, responsiveness and maturity of your SOC. The result: certainty about the effectiveness of your SOC and the associated assurance that threats are detected in good time and successfully warded off.