Security Operation Centre (SOC)

CTRL's state-of-the-art security operation centre is designed around a flexible open architecture that can be used for large-scale operational, R&D and training purposes.

  • CTRL's SOC is capable of receiving alerts from real or emulated cybersecurity sensors and sources and intelligently analysing them
  • Supports interconnection with other platforms or SOCs for threat intelligence sharing, playbook generation, etc.
  • Uses threat detection sensors that are multi-technology based
  • The SOC is interconnected to our Cyber Range to allow the analysis and handling of complex multi-sector cyber threat incidents for training purposes

Sectorial Cyber Threat Monitoring

Our scalable in-house SOC can be used for research and development, training, and operational purposes across a range of sectors.

SOC Components

CTRL’s SOC sensor components include network intrusion detection systems (NIDS) and host intrusion detection systems (HIDS), acting as an early warning cyber threat detection system. All alarms and logs generated by these sensors, or other IT sources, are securely delivered to the main SOC, where they can be further processed through ML/AI clusters and threat analyzers and compared with threat intelligence data.

The SOC’s sensors support full packet captures (FPC) for detailed cyber investigations, while more specialized sensors developed by CTRL can monitor a variety of non-standard IT technologies, networks and systems. These specialized sensors can interconnect with CTRL’s SOC to provide a more complete critical infrastructure threat intelligence landscape.