According to Evgeny Afonin, what Russian users of SIEM tools use most often are ready-made (vendor-developed) rules and reports for correlating events on the Windows platform and in network traffic monitored via the NetFlow protocol, for monitoring compliance with the PCI DSS standard, and, more recently, for monitoring compliance with the NERC CIP requirements on the information security of energy supply infrastructure.
The next logical step in increasing cybersecurity for companies after the operation of SIEM systems is building their own center for monitoring and responding to information security incidents (SOC), or turning to external providers of SOC services. The SOC market is roughly half as old as the SIEM market. Younger still is the market for commercial SOCs that provide incident monitoring and response as a service.
Ksenia Zasetskaya, Senior Consultant in the Consulting Department of DialogueNauka, points out that it makes sense for a company to build its own SOC only if its corporate information security is mature enough to be clear about the SOC's goals and operating mode, and to ensure that its functioning is documented, that the participants in the SOC processes interact, that these processes are managed, that efficiency is assessed and, finally, that the results are analyzed and the SOC is developed further. It is often more appropriate for a company to rely on the competencies of a SOC service provider.
The next logical step in increasing