
Macnica Security Service
Our security and operations specialists take care of alert monitoring, analysis, and reporting for the CrowdStrike Falcon (EDR) deployment in your environment. The service supplies the security knowledge that operating an EDR product requires but that companies often lack in-house, and it can significantly reduce the customer's daily operational burden.
*Falcon is an EDR product that monitors device behavior and specializes in detecting advanced threats that are difficult to detect with conventional antivirus software. Please refer to the following URL for product details.
Service outline diagram
Features of this service
- Significantly reduces customer operation man-hours

  Suspicious terminal alerts detected and issued by CrowdStrike are analyzed by S&J SOC analysts with extensive experience, and the customer is contacted only when deemed necessary. This eliminates the need for the customer to confirm every alert that occurs each day and can contribute to a significant reduction in operation man-hours.

- Easy-to-understand, to-the-point communication

  We contact customers in an easy-to-understand manner that focuses on the key points (see the report image below for details). Rather than simply forwarding alert information, we provide an overview of the situation and our assessment at the time of detection, as well as points to check and recommended responses for the customer.

- A flexible monitoring system that meets your needs

  Depending on your request, we can provide monitoring response from 9:00 to 17:00 or 24 hours a day, 365 days a year (terminal isolation work can be handled as an option). In recent years, attacks have tended to target non-business hours, and as working hours have expanded to include nights and holidays because of telework, incidents have tended to occur more frequently.
Deliverable image
Flow until service introduction
Examples of tasks and schedules leading up to standard service implementation are as follows.
About ticket consultation service
For customers who monitor and operate CrowdStrike Falcon in-house, we also offer a ticket consultation service that provides advice and consultation on an alert-by-alert basis when an incident occurs. If you are interested, please contact us through the inquiry at the top of this page.