Corporate IT Cyber Security
Security Operations Centre (SOC)
Apply cyber security monitoring and incident analysis shaped to your business.
Enjoy round-the-clock peace of mind.
Know that your business is protected with Peloton’s Security Operations Centre (SOC), which provides cyber monitoring through 24×7 detection and response to potential threats in your environment.
We use ongoing, best-in-class cyber security monitoring to detect the tactics, techniques and procedures used by threat actors in cyber breaches. If a threat is detected, our team of cyber security experts perform rapid incident analysis and provide remediation advice to reduce the impact of any breaches.
Security Operations Centre (SOC) monitoring, detection and response is aligned to your unique business context. That context is identified in an initial cyber risk assessment. Our security engineering team then develops attack detections for each stage of an attack, mapped to the business processes identified in the assessment, and tracks and validates those detections across the MITRE ATT&CK framework, tailored to your industry and business context.
Why engage Security Operations Centre (SOC) services?
- Actionable advice on security events, driven by deep context gathered through cyber risk and vulnerability assessments.
- Proven attack detection through adversary simulation, and the tracking of improvements over time.
- Minimal noise, with notifications only about what matters most, so you can focus on running your business.
Key components of our Security Operations Centre (SOC) service
Security Information and Event Management (SIEM)
Constantly monitor active and emerging cyber threats, aligned to your business context.
Security Orchestration, Automation and Response (SOAR)
Behind-the-scenes processing of your critical cyber security data.
What to expect with Peloton SOC
As part of our security operations centre service, we provide a monthly report that contains key information on the health of the SOC platform and security alerts that have been raised over the past month, including:
- Monitored assets
- Data connectors deployed
- Log usage and associated cost estimates
- Log cost optimisation advice
- Service level targets
- Platform incident and service request summary
- Identified cyber risks in your environment
- Cyber attack detection heat map
- Security alert trending
- Priority 1 and 2 alert summaries
- Security incident summaries
The Peloton difference
Detections from our world-class, curated detection library
Peloton’s library of over 200 customised detections has been developed by best-in-class cyber security defensive specialists, meaning our ability to detect potential threats to your environment is significantly heightened.
Deep context about your environment
We draw on multiple sources, including our mandatory cyber risk assessment, SOAR integration and threat intelligence platform, to ensure our security operations centre (SOC) is focused on protecting what matters most to you rather than drowning you in noise.
High-fidelity logging methodology
We make sure we have the audit events that matter most to detect threats and hunt for threat actor movements.
Frequently Asked Questions
A security operations centre, or SOC, is a command centre in an organisation where security experts or analysts monitor, detect, analyse and respond to security incidents. The SOC reports any vulnerabilities discovered and plans how to prevent similar occurrences in the future. In other words, the SOC deals with security problems in real time while continually seeking ways to improve the organisation’s security posture.
The primary benefit of a SOC is the enhancement of security measures through nonstop monitoring and analysis. This produces a faster, more effective response to threats across the system and reduces cyber risk. There are additional benefits as well:
- Minimise downtime: cyber threats or incidents are detected faster and triaged more effectively, enabling internal staff to focus on other important initiatives.
- Build customer trust: all it takes is one significant breach to erode customer confidence. With a SOC working around the clock, the network and customer data are better protected.
SOCs commonly receive a large number of security alerts in a single day, many of them low-fidelity alerts: false positives or benign events (alerts that incorrectly indicate malicious activity is occurring) that overwhelm security analysts. Consequently, the number of alerts far exceeds what most security teams can effectively manage, and many are investigated poorly or not at all.
A SIEM solution is intended to take some of that burden from SOC analysts, enabling them to detect serious security incidents in time to take action. Although a SIEM is not a requirement for having a SOC, the two work together to protect internal resources, and a SIEM is potentially a highly valuable addition to a SOC.