Security Event Intelligence monitors the activity of your Information System by collecting the logs of its components. These are then analyzed and correlated with each other to detect suspicious activity. In the event of an alert, the experts of the Orange CyberSOC check that the attack is real, and contact you with the information necessary to neutralize it.
The 3 axes of the service
The Orange Business Services SIEM solution is based on 3 axes: the technical platform that collects, analyzes and correlates events, the event monitoring strategy that defines what to monitor and how, and the management of alerts that defines how to treat them.
3 types of platform
• Shared: cloud platform, hosted at Orange France data centres
• Dedicated: fully customized platform
• Dedicated PDIS: platform for Essential Operators, compliant with ANSSI (the French National Cybersecurity Agency)
2 ranges available
• General-purpose: global monitoring of basic security alerts
• Customized: global monitoring of basic security alerts + targeted monitoring of threats to your business
A choice of cumulative management levels
0) online alert reports
1) + analysis of the month’s alerts and macroscopic action plan
2) + qualification of alerts in real time: actual alert or false positive?
3) + detailed analysis of alerts and action plan per incident
Support by our CyberSOC experts
Orange Business Services CyberSOC pools our cybersecurity expertise:
• trained experts
• Supervision, detection, reaction and anticipation
Global monitoring of cyber threats
The Orange Business Services threat database collects information on cyber threats from more than 400 sources worldwide. This information is verified and correlated so that customer logs can be matched against global threats.
Relentless detection strategy
For each threat:
• we develop the possible scenarios and devices concerned
• we collect the appropriate logs
• we establish the event correlation rules and actions to take