Firewall management, IDS/IPS, Data Loss Prevention, A/V, DMZ honeypot.
Datacenter security, Proxy, NAC, Wireless, Remote/VPN, and insider threat.
MSSP (MANAGED SECURITY SERVICE PROVIDER) CYBER FUSION CENTER (SOC)
Incident monitoring, L1 incident response, playbook development.
Detection content development (operationalize intelligence), SIEM integration, and building detection capabilities for the SOC team. Partners closely with the SOC team and Strategy Services.
SIEM DEPLOYMENT & MANAGEMENT
Develop expertise in common SIEM tools (Splunk, QRadar, LogRhythm, etc.). Provide deployment, integration, and administration services.
Cloud strategy, CASB, change management and defect remediation.