Many corporations in sensitive and/or public-sector industries want to take advantage of a "Security as a Service” offering, but have legislation and regulation in place which prevents transmission or access of data outside their region – regardless of whether it is over secure lines or not. Traditional Security-as-a- Service offerings require sensitive data to be transmitted to centralized Security Operations Centers – either in other countries or other continents – and management of local administrative tasks is accomplished by remotely located staff.
RoboSOC puts the full capability of a Security Operations Center software and associated infrastructure (firewalls, Network Access Control (NAC), Security Incident and Event Management, etc.) on-premise within our client’s data center and network. We then work with the client to configure the solution to automate notification and response as much as possible and to only the appropriate client resources. Remote access is utilized for updates and management of the box only. RoboSOC is comprised of the following functions:
The RoboSOC architecture is based on the remote on-premise control box which monitors the client’s network and perimeters, providing event information to cloud-based monitoring tools. When an event occurs, a ticket is generated and directly input to the Global SOC ticketing system, where it is reviewed 24x7 by our security-trained analysts and architects. Regional SOC’s with local knowledge of the client’s environment and response requirements will then work with the client operations to ensure a quick and effective response. In addition, summary and detail reports on activities, events and response times, etc. will be provided to the client on a regular basis.
Fact Sheet: ROBOSCO (SOC in a box) (101 KB)
Share this page