Socrates
Eight Arms. Zero Downtime.
SIEM/SOC 360°
Organization monitoring service against cyber threats
About Us
Secterious (Eitan Freimovich and Rony Atias) and ShvoIT (Moshe Shvo) drew on their extensive experience as CISOs and penetration testers for a wide range of organizations to develop a managed, innovative SIEM/SOC service. The service is designed specifically for small and medium-sized businesses, is built on mature open source technologies, and is tailored to the security needs of each customer.
Our team has over 20 years of experience in cyber security and digital investigations and is made up of experts trained in leading cyber security companies and the IDF's elite cyber units. We work according to a customized methodology that addresses not only your organization's immediate needs but also prepares it to deal proactively with future threats.
Because the field of cyber security is constantly evolving, we commit to keeping our services up to date with the latest technological advances, so that your organization receives the best available protection.
By combining innovation, deep expertise and a personal approach, we provide comprehensive solutions for security incident management. Our mission is to strengthen your organization's ability to detect, respond to and prevent cyber attacks, and to keep it stable in the face of evolving threats.
Why we are the experts for small and medium-sized businesses
01
Cost optimization:
Reducing costs while improving security capabilities.
02
Extension of the information security team:
Lets you deal with threats more efficiently, reliably and promptly.
03
Up-to-date recommendations and indicators:
Provides actionable intelligence and indicators of compromise to defend against potential attackers.
04
Available personnel and 24/7 SOC management:
Threat detection and management through an advanced SIEM system, with a trained cyber team available to you 24 hours a day.
05
Advanced threat monitoring system:
An advanced monitoring system that identifies and handles threats actively and proactively.
06
Professional incident response (IR) team:
A professional, fast response team for cyber incidents and security breaches.
07
Automated vulnerability management:
Automated vulnerability management that enables quick and efficient remediation and response.
08
Personal service:
Accompanies the organization and adapts the service to its needs.
The MITRE ATT&CK Matrix is a structured knowledge base of attacker techniques, grouped by the objectives (tactics) the attacker is trying to achieve.
The tactics are ordered in the matrix by objective, so that reading it left to right shows the course of an attack from initial reconnaissance to the final impact.
MITRE ATT&CK for Enterprise covers many environments, including Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS, Network, and Containers. Examples of the techniques it lists include spear phishing (Initial Access), command and control channels (Command and Control), and credential dumping (Credential Access).
01
Reconnaissance
Gathering information about the target to plan future operations
02
Resource Development
Establishing resources to support operations, such as setting up command and control infrastructure
03
Initial Access
Attempting to get into the network, for example via phishing
04
Execution
Running malicious code, such as a remote access tool
05
Persistence
Changing configurations so that the attackers keep their foothold
06
Privilege Escalation
Attempting to obtain higher-level permissions
07
Defense Evasion
Using trusted processes to hide malware
08
Credential Access
Stealing credentials such as account names and passwords
09
Discovery
Exploring and understanding the target environment
10
Lateral Movement
Using legitimate credentials to move between systems
11
Collection
Accessing and collecting the data relevant to the attack's goal
12
Command and Control
Communicating with compromised systems in order to control them
13
Exfiltration
Stealing data from the compromised network
14
Impact
Manipulating, disrupting or destroying systems and data
About the DREM SOC solution
DREM is an advanced, unified enterprise SIEM monitoring platform that provides a comprehensive response to persistent cyber threats and end-to-end hardening of enterprise systems.
The system is suitable for on-premises, cloud and hybrid environments and provides comprehensive coverage of the organization's information security.
Especially in light of the transition to a wartime routine, these areas are receiving renewed attention because of new challenges: new attacks, vulnerabilities and weaknesses are published daily.
This is a critical component that lets the organization keep operating with business continuity: the SIEM platform supports a SOC that runs 24/7, staffed by skilled analysts working in a flat-tier configuration (every analyst both detects and responds), even in emergency situations.
DREM Hybrid Cloud Observability is a modular, scalable and easy-to-deploy system that monitors all of the organization's infrastructure: endpoints, servers, switches, storage arrays, existing security solutions, Office 365 and more.
DREM's monitoring platform provides advanced control capabilities, smart monitors, hardening and anomaly detection, and enables proactive detection of attack attempts and cyber incidents at every layer of the organization's network.
© Copyright 2024, Socrates cyber. All rights reserved