Operational Center for Information Security (OCIS)
About the service
Order
Operational Center for Information Security (OCIS): 24/7 monitoring in the Security Operations Center (SOC) format, compliance with information security requirements, and expert support — from 390,000 tenge per month; onboarding — from 1 week; discounts for advance payment — up to 25%.
We provide free consultations on information security requirements.
Research of your digital assets
The SOC team will conduct a full analysis of your infrastructure components. As a result, you will receive complete information about what needs to be protected first and what threatens you specifically. Our experts will tell you how to prevent attacks on your organization.
Detection of threats and anomalies
SOC specialists continuously monitor activity in your infrastructure. This allows us to identify suspicious events, abnormal user behavior and other potential threats. Our experts will determine an attack or incident that needs to be stopped at an early stage.
Detection of incidents
SOC analysts analyze the detected events and incidents, determine the nature and scale of the incident, and detail the affected infrastructure components. Our experts work with your team to develop a strategy to respond to and respond to a critical attack.
Rapid response
The SOC rapid response team creates a single point of incident management, coordinates the actions with you needed to stop an attack and fix vulnerabilities. Our experts provide recommendations for system recovery, helping to reduce downtime and mitigate the impact of an incident.
Proactive defense
Highly skilled SOC analysts and experts work with you to identify threats using a combination of proactive incident prevention measures using their strong analytical and technical skills. Our experts will find attackers hiding on your network before criminals can carry out an attack or achieve their goals.
Improve security measures
The SOC team provides you with valuable information and recommendations for improving security measures and practices. Incident and threat analysis helps you better understand the weaknesses of your company's IT assets. Our experts will design more effective infrastructure protection for you.
Who is a OCIS right for?
Critical Information and Communication Infrastructure
High level of critical infrastructure security, compliance with the requirements of the legislation of the Republic of Kazakhstan.
Financial institutions
Enterprise-level service in addition to the strategic actions of a professional information security team within the company.
Small businesses
24/7 infrastructure monitoring and increased resilience to cyber risks without increasing staff or hiring expensive specialists.
Private information systems for citizens and businesses
Increased security level of data exchange with eGov systems and protocols.
Advantages
High level of expertise
Our employees are certified to CISM (ISACA), CISP (CITSEC), OSCP, Fortinet NSE, ISO/IEC 27001, MITRE (Caldera).
These certificates confirm our competence in both offensive (offensive / RedTeam) and defensive (defensive /
BlueTeam) security. Our experts collect the most valuable threat information manually or automatically from
endpoints and other elements of the companys infrastructure, from open and closed sources in the network space and
industry data flows, and analyze the results and transform them into a format convenient for practical use. As a
result, if something has happened or is about to happen to your infrastructure, we will know about it and will be
able to prevent an incident or minimize its consequences.
Full compliance with legislation and industry standards
Our SOC fully complies with the qualification requirements of the National Security Committee of the Republic of Kazakhstan for operational centers for information security (OCIS) and is licensed to carry out this type of activity. We help Crinitcal Information and Communication Infrastructure enterprises and SME organizations ensure compliance with the regulatory requirements of the legislation of the Republic of Kazakhstan, including when passing tests of the State Technical Service. We comply with international security criteria such as ISO/IEC 27001, PCI DSS and store data within the Republic of Kazakhstan. We continuously develop information security management practices and comply with payment card data processing standards.
Security with common sense and a human face
Our SOC team will provide technologies, resources and personnel depending on the complexity of your infrastructure and the tasks at hand. We develop individual rules for correlating security events according to your instructions or based on best practices. Working with you, we explain threats, the degree of risk, and provide reasonable information for decision-making in simple human language.
