Firewall management, IDS/IPS, Data Loss Prevention, A/V, DMZ honeypot.
Datacenter security, Proxy, NAC, Wireless, Remote/VPN, and insider threat.
MSSP (MANAGED SECURITY SERVICE PROVIDER) CYBER FUSION CENTER (SOC)
Incident monitoring, L1 incident response, playbook development.
Detection content development (operationalize intelligence), SIEM integration, and building detection capabilities for the SOC team. Partners closely with the SOC team and Strategy Services.
SIEM DEPLOYMENT & MANAGEMENT
Develop expertise in common SIEM tools (Splunk, QRadar, LogRhythm, etc.). Provide deployment, integration, and administration services.
Cloud strategy, CASB, change management and defect remediation.