SOCaaP

• Introduction
  • Logging-in To The SOCaaP Console
• Dashboard Overview
  • Summary
  • Alerts,Incidents And Website Vulnerabilities
  • Customer Health
• SOCaaP Alerts/Escalations
  • Log-in To The Admin Console
  • The Home Screen
  • Service Summary
  • Incidents Overview
    • Incidents
    • Threat Summary
  • Log Collection Summary
  • Threat Communication Graph
  • Tickets
  • Reports
  • Notification Settings
  • Integrate Your Office 365 Account With SOCaaP
• SOCaaP XDR
  • Log-in To The Admin Console
  • The Main Interface
  • Eveny Query
    • Configure Event Queries
  • Report Generation
  • Administration
    • Event Collection
    • Phantom Settings
    • Manage Users
  • Appendix 1 – Field Groups And Event Items Description
  • Appendix 2 –SOCaaP Supported Logs
• SOCaaP Web Protection
  • Add Websites
  • The Main Interface
  • The Dashboard
  • Website Data And Settings
    • Website Overview
    • Security Scans
      • Website Scans
      • Website Files Security Scans
        • Malware Scan Settings
          • Automatic Configuration
          • Manual Configuration
        • Run A Scan And View Results
        • Notifications, Malware Removal And Scheduled Scans
      • Vulnerability Scans
        • CMS Vulnerability Scans
        • OWASP Top 10 Vulnerability Scans
    • Content Delivery Network
      • Activate CDN For A Website
      • CDN Settings
      • View CDN Metrics
    • Firewall
      • WAF Statistics
      • WAF Events
      • Configure WAF Policies
      • Manage Custom Firewall Rules
    • SSL Configuration
    • DNS Configuration
    • Add Trust Seal To Your Websites
    • Back Up Your Website
      • Backup Settings
      • On-Demand Backup
      • View Backup Records And File Statistics
      • Restore And Download Website Files
      • Delete Backups
  • Manage Your Profile
• Sensor Installation
  • Requirements
  • (Option 1) Create Installation Media
  • (Option 2) Deploy Virtual Machine Environment
    • Create A New Virtual Machine
    • Configure Memory Size
    • Configure Hard Disk
    • Configure Hard Disk File Type
    • Configure Storage On Physical Hard Disk
    • Configure Size Of Virtual Hard Disk
    • Configure Network Settings
    • Select VM Startup Disk
  • Sensor Installation Steps
  • Sensor Configuration Steps
    • Login To The Web Portal
    • User Settings
    • Configure Network
    • Configure Timezone
    • Key Activation
    • (Optional) Valkyrie Key Verdict
    • (Optional) Forward Log
• Frequently Asked Questions
• About Xcitium Security Solutions

Summary

This section shows the summary of the total enrolled customers. You can filter the statistics for a specific customer by selecting the customer from the drop-down in the Summary section. In this, Customers, Threats, Reports and Securities are all located on a single screen.

Customers - SOCaaP provides the Multi-Tenant Customer Portal. You can view the status of all customers here or select any specified customer using the drop-down button.

 

• Total Customers –Total number of enrolled customers 
  
  
• Partially Onboard Customers – Total counts of partially onboard customers
  
  
• Fully Onboard Customers –Total count of fully Onboard Customers

Threats - SOCaaP run treat hunting with real-time threat intelligence monitoring, correlating all events with threat intelligence feeds and detects any threats before it has been executed

 

• Critical Escalations – Total count of critical escalated tickets
  
  
• Total Escalations – Total tickets received for escalations
  
  
• Vulnerable Websites - Total vulnerable websites founded.
  
  
• Incidents - Total true incidents occurred within the last 90 days. The incident count is the total alert count minus false positives
  
  
• Alerts – Total rule hit count of events within the last 90 days
  
  

Endpoint Security 

Endpoint Manager discovers and enroll all assets of your customers instantly. Using network scanner and auto-enrollment tool and start protecting the customers

Managed Endpoint –  Displays the count of managed enpoints. Protected Endpoints – Count of protected endpoints with the anti-malware suite. Total Endpoints – Total number of enrolled assets of a customer Click the ‘Resolve Issues’ it will redirect to the Endpoint Security section in the ‘Customer Health’, you can view and manage the endpoints there.

Network Security

SOCaaP provides you with network security monitoring to detect threats on your customer’s network. This tile shows the risk status of your network security. The network security shows the logs log from your customer network .

Sensors – Total number of installed sensors Other Log Sensors – Total number of Firewalls, IDS/IPS, Active Directory, server logs Total Network Assests – Total Number of discovered and enrolled all assets of your customers. Click ‘Review Health’ to view and manage your ‘Network Security’.

Cloud Security 

SOCaaP integrates with Cloud, provides one click integration to Office 365, Azure, Google Cloud so you can see threats beyond your endpoint and network.

Monitored 0356 accounts – Total linked Office 365 monitoring includes tracking, alerting, and reporting Total Cloud Assets – Shows the total clod assts include 0365 accounts, google cloud and Microsoft Azure. Google Cloud – Number of monitored Google Cloud accounts. Microsoft Azure – Total monitored Microsoft Azure accounts(It will be added in SoCaaP shortly) Click the ‘Review Health’ to check the status of your cloud security.

Web Security

web security provide protection for websites, web applications and web servers against the increasing website hacking threats. The tile shows the risk status of your Web Security.

Managed Web Assets – Total managed assets of a customer, in order to collect logs and monitor events. Protected Web Assests – Count of protected web assets of SOCaaP network.Custmer should enroll the web-servers, endpoints and software assets (such as services) that they wish to monitor. Total Web Assests – Shows the monitored total count of web assets Click the ‘Web Security’ to check the status of your cloud security.

Reports – SOCaaP prepares wide range of custom reports for your customers

 

• Executive Reports – This report includes work summary like investigated and notified incident details and log collection details. Report also contains some analytics on data collected from customer and provides summary about overall security level of the customer.
  
  
• T.I Reports- A report of vulnerabilities analysed by the SOC team on all customer products. It includes the latest threats analysed as well as the result of SOC checks in the customer networks.
  
  
• Pentest Reports – Total count of data breaches reports
  
  
• Compliancy Reports – Total number of enrolled devices, last reporting status, Xcitium anti-virus product version status, new malwares detected in past one week and so on.
  
  
• Incident Reports – Contains information about network and system security.
  
  
• Website Vulnerability Report - Total count of web vulnerability deficiencies by crawling the website