In order to extend its existing scalable and innovative Elasticsearch-based log management with SIEM functionality and detection mechanisms, evoila was looking for a suitable vendor. evoila quickly came across SOC Prime, which provides comprehensive enhancements in the form of content such as detection rules for all common SIEM systems on the market. The first talks with SOC Prime confirmed the impression that its outstanding capabilities fit perfectly into the existing evoila portfolio.
“With the Threat Detection Marketplace and SOC Prime’s SOC Workflow App, we’ve integrated a toolset into our Managed Security Service that allows us to massively reduce the mean time to detect (MTTD) cyber attacks,” said Christopher Knöll, Head of Security at evoila GmbH. “The rules created and validated by SOC Prime and its large developer community allow us to map the most up-to-date attack vectors directly into our service,” Knöll continues.
“With our Managed Security Service SIEM, customers of all sizes can profit from the possibilities of using Security Information and Event Monitoring (SIEM) without having to make large up-front investments,” says Johannes Hiemer, CEO of the evoila group. “We are also intending to participate in the SOC Prime Developer Program to actively develop the platform further.”
A partnership for more security – that’s what it’s all about!
SOC Prime Threat Detection Marketplace
The SOC Prime Threat Detection Marketplace provides threat detection content created by incident responders for CISOs, SOC managers and analysts.
Important features of the SOC Prime platform are:
- Platform Support: Integrate and enrich threat intelligence and attack information for platforms such as Elastic Stack, ArcSight, QRadar, Qualys, Splunk, and Anomali ThreatStream.
- Marketplace: The Threat Detection Marketplace offers the most comprehensive content mapped directly to the MITRE ATT&CK techniques.
- Automation: Link information from SIEM, threat intelligence, vulnerability management and APT scanners to quickly build a picture of the current security situation.
- API integration: Content from threat detection feeds covering over 215 MITRE ATT&CK techniques can be incorporated via the API.
Security Solution Competency
evoila GmbH considers security part of its holistic consulting, not an add-on. The focus is on cloud security: the protection of the services that evoila GmbH provides for its customers in all areas of the cloud. In addition to consulting, evoila GmbH also offers comprehensive managed services in the area of cloud security.
As an experienced, competent partner for IT infrastructure, evoila GmbH specializes in developing new ideas and concepts relating to cloud integration into products. Since 2012, the owner-managed company has faced every challenge in the IT market with great passion, excellent know-how and a pronounced awareness of quality, and strives for a good balance between employees, customers and the company. From its two locations in Mainz and Nuremberg, the company, with around 30 employees, contributes to technological progress and supports its customers.