Level 3 expertise and support in CSIRT
We were integrated into the CSIRT team of a major player in the banking sector. The service involved:
- Managing level 3 incidents (vulnerabilities, APTs, viruses, etc.);
- Creating, testing, implementing and maintaining security incident detection rules;
- Creating and implementing incident management procedures;
- Coordinating level 2 SOC operations;
- Carrying out digital investigations / forensics;
- Hunting threats, analyzing weak signals and developing SIEM use cases;
- Taking part in the implementation and maintenance of the SIEM, and other security platforms managed by the team;
- Contributing to log collection and onboarding architecture projects.
Keys to success
Our expertise in security and an in-depth understanding of security production issues in a bank.
Our ability as a service provider to advance subjects in a matrix organization by relying on other production teams.
Our resistance to stress in order to apply their analytical skills and the ability to remain calm during security incidents.
Our good communication skills to manage resistance to change within projects.