SECURITY OPERATION CENTER

Atlantica Cybernext considers cyber security a process in which measures must be adopted at different levels and security issues addressed with a holistic vision.

The holistic approach to system protection, combined with new techniques to combat cyber attacks, makes use of so-called deception techniques and makes it possible to stem attacks by unmasking malicious activities and blocking them, exposing “traps” as targets.

This approach is currently the most effective against Ransomware and Fileless attacks, which are today the most widespread in terms of effects and methods.

Atlantica Cybernext services are provided exclusively remotely, in as-a-service mode, and are governed by contracts that indicate the scope of the service, the activities to be performed (monitoring, vulnerability management, incident remediation) and the SLAs to be respected.

FUNCTIONALITY

MDR (Managed Detection and Response)

We provide our customers with the best response to a variety of threats, including real-time analysis.

MSSP (Managed Security Service Provider)

Through our SIEM, or that of our clients, we manage the Incident Response chain, from log management to detection rules to event correlation.

CYBER RANGE

Through our team of experts, we are able to create and manage virtual ranges where training and attack simulations can be carried out, allowing customers who already have a SOC to train their internal staff on new types of attacks and threats.

OT-IoT Security

We manage protection and monitoring of OT and IoT devices.

WHO IS IT MEANT FOR?

Atlantica Cybernext’s reference market is that of medium and large companies, TELCO, Energy & Utilities, Banks, Insurance, SMEs and public administration (PA).

The SOC of Atlantica Cybernext is based on ETSI standards, harmonised ICT security and Incident Management standards and internationally recognised ISO certifications.

The solution represents, in terms of architecture, platforms, products, performance, configuration, functionality and technological choices, the best the market can offer today.

Everything is compatible in terms of import automation, automatic incident reporting in relation to detection rules, automatic versioning of detection rules, automatic ticket opening based on certain triggers, incident reporting by extracting data from the platform, etc.

ADD ON SERVICES

Early Warning

The first objective of the Early Warning service is the timely identification of the main IT threats, relating to customer cases, which could have a significant impact on the IT infrastructure and on the business.

The purpose of the Early Warning service is to quickly acquire adequate countermeasures to combat threats.

Early Warning activities consist of sending periodic official communications (security bulletins) to promptly alert the contacts appointed by the Customer to information relating to vulnerabilities (malicious software, targeted phishing campaigns (spear phishing)).

Vulnerability Assessment/Penetration Test

The SOC provides Vulnerability Assessment and Penetration Test services, both in synergy with threat monitoring activities, and in stand-alone mode.

These activities can be carried out manually or through the use of automated tools that allow you to plan periodic tests over time.

The Penetration Test activities, which differ in methods and techniques from those of Vulnerability Assessment, aim to attempt, in practice, to exploit known or unknown vulnerabilities in a network.

Threat Intelligence

The Threat Intelligence service is aimed at collecting, sharing and identifying information relating to threats, strategies and actors behind the threats themselves.

The intelligence team is responsible for researching, through public and non-public information, any activities of actors or groups (Advanced Persistent Threat) that have specific organizations as their main target.

The Info Leak and Data Breach Detection service includes different types of elements. It is mainly aimed at discovering the presence of a “Data Leak” (a data leak intentionally made public) containing more or less sensitive information, such as:

  • Corporate account credentials compromised and/or exposed
  • Bank credentials and/or other payment methods
  • Confidential business information and documents

– OSINT (Open Source Intelligence) investigations

– Dark Web Monitoring

Forensic

The Forensic service aims to identify, extract, store and protect documents for evidential purposes without compromising their integrity (chain of custody).

Forensic analysis allows the acquisition of information from compromised digital devices following a cyber incident.

Security Awareness

Security Awareness activities include training and awareness actions that are provided to specialist and non-specialist personnel in the IT sector.

The main purpose is to increase awareness and knowledge of the main and most common cyber threats (Phishing, Vulnerability, Policy, use of weak passwords, web browsing on unlawful sites), in order to decrease the possibility of human error, which usually, and in most cases, represents the most critical vulnerability.

Security Awareness activities can be carried out through webinars and/or face-to-face seminars.

Brand Protection/Fraud Management

Through the use of the Brand Protection and Fraud Management service, it is possible to identify and possibly counter the illegal use of the customer’s brand.

Brand reputation monitoring is carried out 24 hours a day through the use of automatic tools, and subsequently, through the analysis carried out by the SOC.

Malware Analysis

The service allows you to analyze malware or suspicious files in controlled environments and with the most advanced techniques of dynamic and static analysis.

Dynamic analysis is aimed at understanding the behavior of malware, such as: external connections (network traffic analysis), creation of registry keys, process injections, use of system libraries usually linked to unlawful activities, creation of anomalous processes or children of legitimate processes. Everything is analyzed in a controlled and isolated environment (Sandbox).

Static analysis aims to analyze the code of malicious software through debugging and reverse engineering in search of behavioral anomalies in the structure of the code itself.
