Features

novaSOC features

A comprehensive suite of detection capabilities with industry leading threat intelligence, serviced by expert security analysts to keep your assets covered.

novaSOC/SOCaaS features

As an innovative integration of contemporary security monitoring tools that provide data for a manned SOC service, novaSOC is the best of all worlds.

It's designed from the ground up to leverage big data to cross-reference and correlate observed endpoint telemetry with known threat intelligence. But it's not just technology – novaSOC's most valuable feature is that it's a service with real human security analysts available around the clock to provide guidance and support.

Here are a few of the functions novaSOC provides which are normally only found in integrated combinations of premium enterprise-grade security suites:

Endpoint Monitoring

Combining the concepts of contemporary monitoring tools like SIEM and EDR, novaSOC provides functionality culled from both of these well-known industry tools. The lightweight novaSOC endpoint agent provides telemetry for every potential indicator of attack or compromise, including processes, memory, file system, and network activity.

SIEM Services

The novaSOC agent ships security logs from the endpoint to our analysis hub where the log entries are processed. Information and events are then correlated with known threat intel and assigned a severity.

MDR (Managed Endpoint Detection & Response)

Going well beyond the conventional signature-based anti-virus and anti-malware offerings, our EDR functionality is endpoint protection but with intelligence.

A deep dive on file system, memory, software inventory, and browser plug-in activity can reveal malicious activity that’s missed by the one-dimensional scans of conventional endpoint protection. For instance, signature-based EP will not detect a malicious Chrome extension that harvests keystrokes and credentials. novaSOC correlates known malicious browser extensions with our extensive threat data to help find where your data is being silently exfiltrated.

Ticketing

The main objective of the novaSOC portal is to provide appropriate visibility and guidance on where and how to take action. Any security event that requires action becomes a severity-ranked ticket, and provides relevant information, insight, intelligence,and guidance on what to do next. Sorting and filtering tools give you the power to pinpoint trouble nodes, users, or IPs.

Remediation Suggestions

The most important role of a SOC is to provide guidance in the event an attack or compromise occurs. In the event of an incident, our expert security analysts will send suggestions on how to remediate and whether or not a more serious incident response is warranted.

Vulnerability Management

Conventional vulnerability management is accomplished via one of two ways: remote scans or an agent running on the endpoint. It’s well known that remote scans are limited in usefulness. A local agent running on the endpoint to correlate software inventory versions with known vulnerabilities is the only way to accurately gain any visibility.

novaSOC's local agent gathers software inventory and determines any unpatched vulnerabilities, then displays a dashboard of aggregated vulnerability data for the service provider to use as a punch list for getting their customers back above water.

Managed Cloud Monitoring

Every organization’s security footprint extends into the cloud, but it also provides additional exposure to threats, making monitoring of cloud service activity a critical line of defense. Azure – See below in integrations.

Managed EDR

Managed Antivirus

Detailed Analytics

novaSOC provides tools and analytics to gain insight on incidents, aid investigation, help identify weaknesses, and improve response times.

Custom Reporting

novaSOC provides tools to generate custom reports in PDF format, showing aggregated data for tickets, incidents, vulnerabilities, and more. The reports can be custom branded with your logo and branding for delivery to customers.

Multifactor Authentication

novaSOC supports MFA by default for user authentication to the portal.

Client Segmentation

novaSOC is intended as a tool for Managed Service Providers to monitor their customers’ assets and is designed from the ground up to allow segmentation of your customers.

Filter by customer in your portal to gain specific visibility, generate reports with aggregated data, and apply your own branding.

Compliance

Responsible handling of customer data and endpoint telemetry is a critical concern for novaSOC. Our software, systems, data, and procedures exceed SOC2 standards.

Integrations

The novaSOC philosophy is to not reinvent the wheel outside our core features. Integrating with our customers’ chosen tools and systems wherever possible is preferable to shifting them into an ecosystem that tries to be everything. That’s why we’ve developed integrations for a variety of products for functions like ticketing, workflow, EDR, and more.