Practicing the SOC "Basic Skills": Venus Chen's Nine Years Grinding a Sword


From September 28, 2011 to October 31, the well-known domestic network security company Qiming stars took part, as co-organizer, in 51CTO's 2011 survey of the application status of the Chinese SOC security management platform market.

SOC (Security Operations Center) is a borrowed term. Abroad, the term SOC derives from NOC (Network Operation Center). A NOC emphasizes centralized, all-round monitoring, analysis and response for the customer network, and achieves systematic network operation and maintenance.

As information security has grown in prominence and security management theory and technology have developed, it has become necessary to manage the whole network and its systems from a security perspective. The traditional NOC lacks technical support for this, and so the concept of the SOC emerged. So far, however, there is no unified definition of SOC abroad. Wikipedia gives only a basic introduction: the SOC (Security Operations Center) is a centralized unit in an organization that handles various security issues at a high level across the organization and its technology, with a centralized office location and fixed operations management staff. The differences in how security vendors and service providers abroad understand SOC are also obvious.

SOCs have long had important applications internationally, such as the U.S. Homeland Security Operations Center (HSOC), which is mainly used to deter, detect and prevent terrorist attacks. For many domestic users, however, large deployments of this kind are not something they normally get to see or touch, and many people have never even heard of a SOC. How do the CIOs, CTOs, CSOs and operators of large and medium-sized enterprises view this kind of product? Nobody is quite sure.

In view of this, 51CTO specially planned this SOC survey so that people can gain a clear understanding of the questions above.

In the survey, we found that up to 93.6% of users who are dissatisfied with the current network security situation are not fully aware of SOC solutions. This means that SOC providers need to expand and nurture the market. Users, for their part, should free themselves from complex operation and maintenance work and learn about the variety of advanced security operation and maintenance management solutions.

As for the 6.4% of users who are familiar with SOC but are still dissatisfied with the current network security situation, further communication and analysis are needed in order to find a better solution for this group.

Among users interested in using SOC solutions in their organizations, when asked which SOC or related solution provider they were most familiar with, Venus Chen ranked first domestically and second internationally in this survey.

At the same time, we also looked at the question of what benefits and convenience users expect a SOC to bring to their IT management, regardless of whether domestic SOC solutions are mature or not. 36.4% of users are most interested in "secure network operation and maintenance management". Second, 33.8% of votes were cast for "security failure detection and disaster recovery", and "cyber attack warning and defense" took third place with 23.5%.

This means that for most users, the "basics" of SOC products are important! As one of the earliest developed and most advanced SOC offerings in China, the Venus-chen-tai-Information Security Operation Center System has been practicing its "basic skills" all along. After more than 9 years of continuous development, it has obtained more than 10 invention patents, has been supported by a number of national special funds, and currently has the largest customer base in the country.

According to the Sadie Consultant report, it ranked first in China's security management platform market share for three consecutive years from 2008 to 2010 and has become the leading domestic brand in the security management platform field. As a centralized management platform for IT resources across the whole network, the Tektronix SOC security management platform establishes a measurable risk model for business information systems by dividing the various IT resources in the network into security domains and by collecting, processing and analyzing massive volumes of heterogeneous network and security events. It enables administrators at all levels to carry out network-wide asset operation monitoring, incident analysis and auditing, risk assessment and measurement, early warning and response, and situational analysis, and to use standardized process management to achieve continuous security operations.

Thai-Hopewell Information Security Operation Center System: application-oriented, open and integrated

The Operation Information Security Operations Center (security) system is a centralized security management platform for IT resources across the whole network. By dividing the various IT resources in the network into security domains and by collecting, processing and analyzing massive volumes of heterogeneous network and security events, the system establishes a measurable risk model for business information systems. This enables administrators at all levels to carry out network-wide asset operation monitoring, incident analysis and auditing, risk assessment and measurement, and early warning and response, and to achieve continuous security operations with standardized process management.

As one of the earliest developed and most advanced security management platforms in China, the Venus Chen Tai and Information Security Operations Center system has, after more than 9 years of continuous development, obtained more than 10 invention patents, been supported by a number of national special funds, and currently has the largest customer base in the country. According to the Sadie Consultant report, it ranked first in China's security management platform market share for four consecutive years from 2008 to 2011 and has become the leading domestic brand in the security management platform field.

Technical advantages

    • Provides a comprehensive one-stop security operations center solution with built-in network management, security management and operations management capabilities, and the flexibility to select functional modules
    • A simple and practical system with an elegant interface and a rich set of built-in dashboards, suitable for management personnel at all levels
    • Supports high-speed collection, normalization, correlation analysis and secure storage of, and response to, logs and events from more than 130 major domestic and international devices and systems
    • Has the most comprehensive security management knowledge base, covering a security incident database, security policy database, security bulletin library, early warning information base, vulnerability library, correlation rule base, response plan library, workflow library, case base, report library and more, all of which can be upgraded
    • Has leading security event correlation analysis and situational awareness capabilities, providing network-wide quantitative security risk analysis and security posture assessment, with the ability to forecast how the situation will develop
    • Built-in workflow-based security incident response management functions and process flows
    • Strong customization capabilities, including a management platform based on an open architecture and one of the most professional custom development teams in China

Reprint: http://blog.sina.com.cn/s/blog_77e29adb010173cs.html
