The project

7. Working with dog

Level 3 expertise and support in CSIRT

We were integrated into the CSIRT team of a major player in the banking sector. The service involves the following:

  • Managing level 3 incidents (vulnerabilities, APTs, viruses, etc.).
    Creating, testing, implementing and maintaining security incident detection rules;
  • Creating and implementing incident management procedures;
  • Coordinating level 2 SOC operations
    Carrying out digital investigations / Forensics;
  • Hunting threats, analyzing weak signals and developing SIEM use cases;
  • Taking part in the implementation and maintenance of the SIEM, and other security platforms managed by the team;
  • Contributing to log collection and onboarding architecture projects.

Keys to success

1
Our expertise in security and an in-depth understanding of security production issues in a bank.
2
Our ability of the service provider to advance subjects in a matrix organization by relying on other production teams.
3
Our resistance to stress in order to apply their analytical skills and the ability to remain calm during security incidents.
4
Our good communication skills to manage resistance to change within projects.