Security Analytics and SOC as a Service

Strengthen cyber defences with security analytics and SOC as a service

Evidence of security incidents crops up in various systems. Often, however, there is no central location for consolidating or analysing the logs. As a result, those in charge lack the necessary overview and incidents are detected too late. The situation is then exacerbated by a lack of specialists and cost pressures.

SOC and Security Analytics: make or buy?

The complexity of today’s infrastructures, which are often hybrid, makes it difficult to analyse and respond appropriately to security incidents. SIEM (Security Incident and Event Management) systems for comprehensive analysis are expensive and companies will rarely have the specialist staff to support 24/7 operation. And while cost pressures are impacting company budgets and resources, cybercriminals are stocking up their arsenals.

It is not economical for many companies to set up their own infrastructure for Security Analytics (SA) or even a Security Operations Center (SOC) as part of comprehensive threat detection & response. This leaves those responsible with the strategic question of whether to make or buy: manage the infrastructure themselves, or switch to managed services such as Security Analytics as a Service (SAaaS) or SOC as a Service (SOCaaS)?



Your benefits

Save and control costs with modular services

Achieve the necessary security level without the infrastructure costs

Minimise downtime and response times thanks to round-the-clock operation

When is it the right solution?

Companies need to regain visibility of security-related incidents to be able to respond in a timely manner. This is the only way to prevent outages, data loss and reputational damage. Central security analytics systems or a comprehensive security operations centre are key to this. The challenge facing IT security managers is how to meet these requirements within budget and with the available specialist staff.

To address IT security as a whole under these conditions, you need a sourcing strategy for threat detection & response. With an ‘as a service’ approach to security analytics and SOC, you can provide the required security services at predictable costs and ensure the necessary level of security. Such services include state-of-the-art solutions for SIEM and SOAR (Security Orchestration, Automation and Response), which give you a good overview of security incidents, allowing you to respond in good time.

What’s in it for you:

  • Modular services for analysing and responding to security incidents
  • Early detection and professional handling by trained security experts
  • Leading-edge technologies with specially developed use cases for detection and analysis

Why Swisscom?

  • Experience: we understand and protect our own infrastructure and the infrastructures of many of our customers.
  • Customised: you benefit from our specially developed analytics use cases.
  • Specific: you implement your own use cases with our analytics and SOC infrastructure.

The first step

Request an individual quotation

Would you like to know more about our Threat Detection & Response service? We look forward to preparing your no-obligation quotation.

Downloads

Security Analytics and SOC factsheet

SAaaS & SOCaaS in detail

Security Analytics as a Service (SAaaS)

Detection of security incidents as a self-service with these main functions:

  • Big Data platform for analysing all log files
  • Integration of a SIEM, including dashboard, for the detection of events
  • Threat detection use case (customised if required) for the detection of incidents
  • Reporting for compliance requirements (e.g. FINMA) and to meet the obligation to provide proof
  • 24/7/365 operation

Security Operation Center as a Service (SOCaaS)

Detection of security incidents and analysis with recommendations for action (requires SAaaS):

  • All aspects of SAaaS
  • Security event management of incidents from SAaaS and, optionally, from third-party systems
  • Notification and escalation of security incidents
  • Support by experienced security experts

Application examples

No business case

For cost reasons, it is not economical for you to operate a Security Operation Center around the clock with your own specialist staff. With SAaaS and SOCaaS, you can source security monitoring as a service at predictable costs.

Technical constraints

IT complexity

Threat Detection and Response overview

SAaaS and SOCaaS are the basic modules of the Threat Detection & Response service. Log files and other sources for events are correlated and analysed on a Big Data platform. The Security Analytics dashboard provides information about events; with SOCaaS, Swisscom security experts also take over the event management.

Find out more

Whitepaper

Security Operations Center

In this whitepaper, you will learn how a SOC supports your security needs and how to develop an appropriate sourcing strategy.

Whitepaper

Security Analytics

Article

Detect threats with security analytics

Still have questions? Our security experts will be happy to advise you.