Platform

Use novaSOC the way that is most efficient and convenient for your organization.

About the innovative platform

Cloud-based

novaSOC data and analysis are handled in a robust cloud-hosted architecture, using little to no resources on the local machines being monitored.

Threat Intelligence

novaSOC uses threat intelligence data from a variety of sources, each with a specific purpose. While threat intelligence is freely available from a variety of open-source feeds, there is also an industry of commercially curated intelligence, often specific to an industry. Each feed source has a purpose and strengths, and it is important to us that we help our customers understand how we view these resources.

Open source feeds

The feeds that are readily available from the open source community, commonly called “OSINT,” provide great data, but there are some challenges. Open-source feeds tend to have a lot of overlap in data between the various feed sources, requiring that the ingestion process reduce or combine these into unique threats. They often lack guidance on how to use them in an actionable way, can be delayed on emerging threats, and will often omit or simply not cover threats from vulnerable proprietary products or information not intended for public release.

Commercial feeds

Commercial feeds, such as those from non-profit organizations called ISACs, are structured differently than OSINT. ISAC feeds are industry-specific, such as financial, government, manufacturing sectors

Lightweight endpoint agent

novaSOC monitors critical telemetry of endpoints via a very lightweight installed agent.

Deployment is trivial, and each installer is custom-tailored for the customer so there’s no post-installation configuration required. It can easily be deployed with remote management tools or automated.

High-Visibility Portal

The portal is built for a handful of goals. Its main purpose is to consolidate security intel so that the MSP has quick access to it when making decisions. It is broken up into dashboard, ticketing, research, reports, and admin tasks.

Ticketing holds actionable items for today: something is wrong, so take some sort of action. Research holds items to know about and handle over time (for example, VM), so that ticketing is not overwhelmed. Reporting provides different ways to present data.