Security Operations Centre

A Security Operations Centre (SOC) is an enterprise crisis management facility, which houses an information security team responsible for monitoring and analysing an organisation’s security position. The goal of a SOC is to monitor, analyse and investigate an organisation’s networks, servers, endpoints, databases, applications, websites and other systems, in order to detect and respond to any activity that is indicative of a cyber security incident. Cogito Group’s Jellyfish software command and control platform performs the monitoring and analysis of a SOC. Jellyfish receives feeds of information from the organisation it sits in and uses this information to generate an overview of the organisation’s security position.

Agile User Portal

The Jellyfish portal provides comprehensive visibility, which allows users to understand potential vulnerabilities and see the effects of mitigation.

Context-aware modules

The tools within Jellyfish communicate with each other to automate incident management processes.

Real-time monitoring and data analysis

All logged security information generates shared insights; when the systems work together, they quickly create and deploy solutions.

Threat correlation

Jellyfish gives a unique multi-layered view of events and incidents and, with a larger data set of information, more in-depth insights are generated.

Advanced defence

Jellyfish monitors gateways and traffic to identify threat actor communications. If there is any indication of compromise, triggers within the system are automatically alerted to perform further investigation and incident response.

Instead of doing more with the same, do more with less

Typically, SOC staff must constantly feed threat intelligence – such as updates, incident reports, threat briefs and vulnerability alerts – into monitoring tools to remain up-to-date and ahead of threats. If a threat is identified, SOC staff must send individuals out to manage the issue.

Jellyfish automates this process. Instead of only identifying the problem and alerting on it so it can be tasked to an analyst to investigate further or rectify, Jellyfish addresses the problem directly. Jellyfish is designed to follow the concept that prevention is better than cure. Jellyfish prevents an incident rather than just sending someone to fix it.

Take an active approach, not a passive approach

Eliminate passive security tools

Traditionally, security tools passively report on breaches after occurrence, rather than actively preventing them. Security Operations Centres manage risk through the use of analysts constantly searching for threats, then sending an analyst out to address the risk once it is found. Jellyfish lessens the need for analysts, as cognectors send triggers within the system to take action on the threat as soon as it is identified.

Reduce the burden on SOC teams

Security Operations teams often become overwhelmed with alerts, and due to the constant need for monitoring, SOC teams also lack available personnel to resolve known issues. Jellyfish manages alerts and monitoring, which allows security operations teams to deal with less. Instead of doing more with the same, we can do more with less.

Managed Security Service Provider SOC Services

As a Managed Security Service Provider (MSSP), Cogito Group can augment SOC capabilities within Jellyfish. A dedicated SOC requires large investment and it can be difficult to implement a 24x7x365 environment with high quality analysts. Our service gives access to security expertise and threat intelligence in an established 24x7x365 environment, which can validate and send alerts on potential security threats.