
Incident Response

 

As the variety of cyber attacks grows and the opportunities for attack multiply, it is difficult for each company to keep responding on its own, and the need for a C-SIRT to monitor cyber attacks and coordinate with other organizations is increasing. However, building a C-SIRT from scratch requires an enormous amount of work, and many customers who considered building one have given up on the idea. IDR, which has supported the establishment of C-SIRTs for numerous clients, provides total support for SOC operations, including system construction and human resource training.

We solve your problems

  • Many security solutions are already in place, and the information obtained from them is scattered all over the place.
  • Preparation takes a huge amount of time, so C-SIRT operations cannot start.
  • Issues that arise in operation after the C-SIRT is established cannot be dealt with.

Service Features

Support in a wide range of areas of SOC operations

  • IDR's security experts can assist in a wide range of SOC operations, including workflow creation and review of existing C-SIRT operations.
Provide a platform with integrated functions

  • We provide a platform that offers a variety of services necessary for SOC through a single UI, such as integration between your SIEM and security devices, a place where analysts can share information, and a function to generate reports for your stakeholders.
Extensive post-implementation support

  • We support our customers even after the system is implemented, such as tracking and investigating whether automated operations are being implemented as expected, and building additional functions to meet customer requirements.

Introduction Flow

STEP01|

After hearing the following information from the client, we will conduct a survey to determine whether integration can be achieved and whether security vulnerabilities need to be addressed.
・The roles of C-SIRT and outsourced operations
・Inventory of information assets
・Information storage, retrieval, sharing, and communication methods

STEP02|Integration of systems and functions

We integrate your systems and environments into a unified platform so that everything can be handled from a single UI. During construction, we check with the client to ensure that the UI is comfortable to use and that the necessary information is included in the reports.

STEP03|Additional modification

An IDR engineer is appointed to deal directly with the customer. The customer and the engineer in charge coordinate to develop a plan for creating workflows that cannot be implemented with standard functions. After the plan is drafted, a PoC will be conducted in consideration of the client's ROI and risk assessment before the workflow is built.

STEP04|Continuous Activities

After implementation, we periodically review the effects of workflow automation, especially for operations that have changed significantly, and analyze whether there are any areas for improvement.
・For systems and settings that are determined to be out of the scope of integration, we will customize the Playbook.
・In addition to the above, IDR's security specialists will also continue to investigate and monitor the entire system.

     
