Security Operations Center (SOC) Assessment

 

Our Security Operations Center (SOC) Assessment evaluates SOC processes, technology and controls to identify areas for improvement.

Areas of focus within this assessment include:

  • Data Input
  • Security Information and Event Management (SIEM)
  • Processing and Correlation
  • Data Protection
  • Common Alerts
  • SOC Operations
  • Analysis
  • Cyber Threat Intelligence
  • Threat Hunting
  • Incident Response

Reference a visualization of the end-to-end SOC process at this link.

Deliverables include an assessment report and a slide deck presented to executive leadership.

The SOC is a critical component of your cybersecurity program. Service providers that supply a 'SOC 2 Type II report' may still have significant control deficiencies, because Type II is based on five “trust service principles” that are fairly high-level and not specific to Security Operations Centers. If the assessor does not have SOC-specific work papers or, better yet, years of experience within SOCs, they will fail to identify significant findings.

Fees and Payment

The assessment is billed at a flat rate. The engagement begins once the Statement of Work and Contract are signed and upon receipt of the first of three equal payments.

Phase   Milestone                     Amount
1       SOW and Contract Execution    1/3 payment
2       First Assessment Interview    1/3 payment
3       Delivery of Draft Report      1/3 payment

Next Steps

Each engagement can be customized to meet the needs of the client. The first step in the process is to have a conference call to discuss requirements.

Recommendation

"We were considering a SOC service provider and engaged Virtual CSO to conduct due diligence. The SOC provided a current ISO 27001 certificate at the beginning of the assessment. Virtual CSO identified significant issues with the SOC's processes and technology. We did not move forward with that service. Crisis averted."

Assessment Options

Custom assessments may be conducted based on the needs of the client. Here are examples:

Assessments

  • Application Security
  • Vendors and Service Providers
  • Cybersecurity Risk
  • Compliance
  • Business Process Risk
  • Incident Response
  • Line of Business Risk
  • FMEA Process Risk
  • Ransomware
  • Fraud Prevention
  • Insider Threat
  • Security Awareness Program
  • Mergers and Acquisitions
  • Infrastructure Security
  • Zero Trust Security Model
  • Threat Landscape and Controls

This service offering description provides an overview for informational purposes only. The Statement of Work and the Master Services Agreement are the official documents for each assessment engagement.