A long-term partnership with SOC Prime has enabled the multinational telecom and digital service provider to keep its detection content constantly up to date and cover industry-specific use cases. Obtaining the Premium Threat Detection Marketplace subscription has helped the telecom company supercharge its threat detection capabilities and increase ROI from the existing SIEM stack and SOC operations.

Narrowing the Telecom Business Focus Toward Security Needs

Telecommunication networks constantly face cybersecurity challenges and are in dire need of sophisticated defense tools to withstand DDoS and other attacks typical of this threat landscape.

Taking a holistic approach to cybersecurity services, telecom companies are constantly looking for all-encompassing SOC solutions that allow them to keep track of local cybersecurity needs in each country and address identified risks in a timely manner. One of the top telecom companies in the EMEA region, which later became SOC Prime’s partner, was in search of an integrated security approach that would bring about proactive threat detection and continuous security monitoring, and deliver all sorts of log collection.

This industry leader in the telecom sector was seeking assistance in deploying a scalable infrastructure tailored to the telecom threat environment and in continuously maintaining the related security services, including guidance on scale-up and scale-down architecture solutions, migrations to newer software versions, and ongoing SIEM support.

One of the company’s primary concerns was finding a vendor of threat detection content that would offer innovative solutions for threat detection covering the telecom-specific use cases and applicable to various SIEMs, including ArcSight and the Elastic Stack. 

Overcoming Security Challenges with SOC Prime

With the purchase of the Premium subscription to SOC Prime Threat Detection Marketplace (TDM), the company has unlocked the potential for continuous security enhancement by applying a unique rule set keenly focused on the telecom attack profile. Mapping content to the MITRE ATT&CK® framework has sharpened the content focus on the threats the company anticipates most, which has significantly improved the overall detection quality. The company’s security performers, including SOC Managers, Security Analysts, and Detection Engineers, can now obtain value from TDM content that is constantly updated to meet the latest threats, sparing in-house resources devoted to detection.

“We bought a SOC Prime Threat Detection Marketplace subscription as we were struggling to maintain our rule sets which were putting our company at risk. Since subscribing to the Threat Detection Marketplace, we are able to continuously update our security content without increasing resources. SOC Prime is now a critical part of our security infrastructure and increasing the venue from existing SIEM investments.”

IT Security Manager

Through the long-term partnership with SOC Prime, this telecom leader has received support in the transition phase, guidance on scalable architecture solutions, and setup recommendations for a hybrid dual-SIEM environment based on ArcSight ESM and the Elastic Stack. SOC Prime has provided strategic advisory on the SIEM architecture, assured 99.99% platform uptime, and helped to address the tactical tasks of cost-efficient log source onboarding, maximizing threat detection capabilities and thus directly increasing ROI from the SIEM technology and SOC operations.

With SOC Prime TDM and accompanying services, the company has supercharged its strategic detection capabilities and reduced the Mean Time to Detection (MTTD) metrics based on the data collected in the Elastic Stack and powered by the exclusive TDM content.

Next Steps for Enhanced Security in Telecommunications

As a multinational telecom and digital service provider, the company is continuously striving to invest in developing markets while reducing its operating costs to maximize shareholder returns. Leveraging SOC Prime TDM enables reasonable cost management along with the delivery of high-quality detection and accompanying security services. The company’s business strategy is also focused on accelerating the introduction of local digital services, which requires a keener focus on security needs.

The company is looking for ways to level up its local SOC services in line with its security initiatives and a growing need for innovation. These ambitions can be achieved by looking back on the tangible outcomes gained through collaboration with SOC Prime and drawing guidance from this ongoing partnership.


The industry-leading telecom company in the EMEA market delivers all-encompassing communication and digital services to 210+ million customers with rapidly evolving economic dynamics. The company’s key vision is to empower customer ambitions through technology, which can be achieved by guiding their choices and channeling their efforts and resources in the right direction, neatly matching their business needs.

