ArcSight Security Operations Consulting (SOC)


ArcSight Consulting helps you mature your existing Security Operations Center (SOC) or can provide you with a roadmap to build a new one.

In recent years, the complexity of managing a Security Operations Center (SOC) has increased exponentially. Security Operations is not just about perimeter threats anymore. Rather, it is an array of hundreds of event sources — firewall, IPS, IDS, proxy information, sensitive applications, identity management, physical security devices and more. Today’s SOC represents an aggregation point of literally billions of events each day that must be monitored, logged, analyzed and correlated using:

  • Trained and experienced SOC analysts
  • Consistent, repeatable, and evolving processes and procedures
  • A robust SIEM infrastructure that can provide event context, correlation, and analysis all at analysts’ fingertips.

ArcSight Security Operations Consultants provide long-term expertise and support options to customers who need to mature their ArcSight product installations, develop or enhance processes and procedures within their security operations center, or build a security operations center from the ground up. The ArcSight Security Operations Consulting team has the expertise, resources and track record to help your organization:

  • Achieve objectives fast. Seasoned ArcSight experts will become a part of your team, ask the right questions, understand your objectives and quickly determine the most effective steps to take.
  • Leverage consultants with deep experience in enterprise security operations and ArcSight ESM implementations.
  • Build on repeatable processes. Equipped with the experience we have gained helping hundreds of enterprise customers around the world, ArcSight Security Operations Consulting staff will build on an array of proven processes that can be tailored to your organization’s unique environment.
  • Effectively evolve. By basing operations on best practices and methodologies, organizations are better equipped to adapt to future requirements — whether combating a new threat, addressing a new compliance mandate or incorporating new systems into the infrastructure.


SOC Workshop
ArcSight Security Consulting offers a 5-day workshop at your SOC location to discuss the best practices we have uncovered in working with hundreds of SOCs. Instead of providing a lecture series on operational concepts, we discuss best practices, assess your existing SOC (or existing SOC plan), and identify areas for improvement. At the end of the workshop, ArcSight will help you finalize a project plan on how to best implement our maturity model to help you succeed.

Within the workshop, participants can expect to address the following objectives:

  • Learn critical concepts around security operations centers, staffing models, training plans, processes and procedures, incident handling, and deploying the right technology to assist
  • Outline new and existing business requirements related to inputs and outputs from the SOC
  • Evaluate and assess current operations (or your current SOC plan) against business requirements and against best practices recommendations
  • Identify strengths and weaknesses, build on existing strengths and develop plans for addressing weaknesses
  • Prioritize and schedule improvements into a comprehensive action plan