Why novaSOC?

Enterprise grade SOC as a Service

Small and medium-sized businesses don’t have many options for true enterprise grade security operations at a reasonable price point. The traditional security monitoring model uses a manned SOC with human analysts and eyes-on-glass that are standing by for SIEM events. This is limited in scope and doesn’t scale to an economic offering.

novaSOC turns that limitation on its head. By combining newly developed monitoring technology and the expert analysts in the Novacoast SOC, we can catch threats in real-time using broader endpoint coverage than ever before — file system, memory, network and Internet activity, browser configuration, and software inventory with known threat & vulnerability data to correlate and identify attacks or malicious activity.

But novaSOC isn’t software, it’s a SOCaaS — SOC as a Service from a top tier security services company.

Incidents are reviewed and analyzed by a human SOC analyst at one of Novacoast’s four global SOC locations, then remediated, escalated, or closed as a non-event.

Finally – Enterprise-grade SOC services for every business.

How does it work?

Traditionally, SOCs are set up to accommodate a small pool of customers with unique environments, then consume monitoring data from specific enterprise SIEM or EDR products often chosen by the customer. It’s the ultimate in attended security monitoring, but it’s limited by the effort required in initial configuration and access management.

By using an innovative agent-based zero trust model that eschews conventional perimeter-based security models, novaSOC can easily monitor all endpoints for viruses, malware, ransomware, trojans, file-less threats, and incoming attacks over the network.

Data from endpoints is continuously streamed from the agent to the novaSOC analysis hub that runs in a private cloud. It’s then analyzed against known threats and vulnerabilities and escalated to a human analyst depending on the type of event.

novaSOC then provides analysis and recommendations for remediation to the service provider. All tickets and agent/node data can be viewed in a portal which provides tools for isolating and dealing with problem nodes.

Emphasis is put on the software as an automated protection, but it’s a mere tool used in the SOC service.