The SOC will non-intrusively monitor and analyze publically visible changes that may potentially lead to harmful consequences to your network from malicious actors. The SOC will alert the appropriate campus staff and offer perspective to assist in identification and closure of any potential gaps in security.
The SOC will use hacking techniques and attempt to access secure systems on your campus network. This is a real world test of your campus network security defenses to determine if it is possible to gain access to secured systems. The SOC will provide data to help determine where to devote resources to improve the overall security posture of the campus.
The SOC will utilize an array of utilities to actively probe the services that are available to the Internet from your campus network and assess their weaknesses to exploitation, much like a hacker would. The SOC will provide a custom analysis to your campus IT or Information Security team.
IT and Information Security personnel will be provided with services from a third party vendor. The vendor's 24x7 SOC will use a number of tools to detect, correlate, validate and alert on potential unauthorized access to designated critical IT systems. In addition, the service will perform daily review of the logs from these critical systems. Up to 50 critical systems may be monitored.
The SOC provides campus IT and Information Security staff with the tools to continually scan and report on the vulnerabilities assessed on systems from within the campus security perimeter. The SOC will asssist with provisioning, operation, and best practice recommendations on the use of the tools and provide campus staff with knowledge to remediate vulnerable systems.