
NeoSOC
Security Starts with Visibility

NeoSOC is a 24/7 cloud-based managed security solution that uses our SOC-as-a-Service delivery model to provide flexible service ranging from security device monitoring and alerting, to fully managed detection and response based on the individual needs of each organization.


Extraction of Important Events by Log Analysis and Early Detection of Security Incident

Information leakage incidents caused by cyber attacks and internal fraud are now common, and they cause enormous damage to organizations. As attacks grow more complex and information leakage routes diversify, it has become difficult to prevent a wide variety of threats with measures that rely on traditional single security products. It has therefore become important to take more realistic security measures, shifting the focus from “preventing threats” to “minimizing damage caused by threats”.

What is Security Log Monitoring Service (NeoSOC)?

To solve the problems mentioned above, NRI Secure provides a security log monitoring service (NeoSOC) that detects security incidents by performing real-time correlation analysis on logs from more than 400 types of information systems. This service makes it possible to extract important events from a large volume of logs and detect security incidents at an early stage, so that the risk of information leakage can be reduced.


1. Customer Environment

A log collector server (on-premise and cloud-based options are available) is installed to collect and relay logs, so that the data collected from the monitored information systems can be forwarded to NRI Secure's analysis platform (SIEM).

2. NRI Secure Analysis Platform

Correlation analysis is performed on the transferred logs using logic uniquely designed by NRI Secure.

3. NRI Secure Security Operation Center

Security analysts monitor and analyze 24/7 to quickly detect security incidents and take necessary actions.

Features


Supports correlation monitoring of more than 400 types of information systems

  • Support correlation monitoring of information systems in various environments from on-premise to cloud
  • Discover advanced security incidents that cannot be found in the logs from a single system
  • Visualize the security status of the customer environment extensively

* Please contact us for the monitoring capabilities and availability.


High threat detection rate by linking SIEM correlation analysis and threat hunting

  • Improve the probability and completeness of threat detection by having SIEM correlation analysis rules and threat hunting complement each other
  • Improve monitoring quality through the cycle of threat hunting: hypothesis → investigation → discovery improvement (adjusting SIEM rules)
  • Model customer information assets, network information, and user information
  • Anticipate threats according to the customer environment and apply focused monitoring for the value of information assets
  • Monitor network traffic and data access based on business use cases

Active defense against critical security threats

  • Achieve immediate response to serious security threats through automatic defense, with blocking and isolation performed in cooperation with the SIEM

Continuous monitoring for early detection & response

  • Focus on early detection of new and unknown threats that cannot be prevented

Network visibility for better understanding and management

  • Reveal how the organization’s network and resources are accessed