SOCaaP XDR
SOCaaP is a security intelligence and event management product (XDR) built exclusively for MSPs to help them grow their business. SOCaaP features advanced event log monitoring, built-in reporting, multiple pre-set queries, a powerful custom-query interface, automatic assignment of incidents to personnel, customizable dashboards and real-time alerts. SOCaaP multi-tenancy architecture enables MSPs to manage their customers from a single deployment and benefit from "big data" scalability as their log sizes increase.
XDR
XDR ("extended Detection and Response") is a capability that arose from the needs of SOC teams and threat hunters. It not only delivers visibility into data across networks, cloud and endpoints, but also chains the missing pieces together, adding context and creating traceable events of actions between various sources and dimensions of telemetry data. With XDR, security teams should be able to:
Features
1. Use it effectively for their daily threat hunting tasks using automated analysis, data pivoting, baselining etc.
2. See the context of the data sources and the relationships between different alerts.
3. Merge different contexts of information into a common model, correlate them, and track hidden threats.
4. Collaborate over cases and increase the productivity of the people operating the SOC.
5. Close investigations more quickly and efficiently.
Guide Structure
This guide is intended to take you through the configuration and use of SOCaaP and is broken down into the following main sections.
- SOCaaP SIEM