SOCTRAQ


Security Operations Center Automation

Real-Time Automated Threat Detection & Interdiction


The war against cybercrime is one of information, not just endless streams of data. Cyber incident responders need threat detection and interdiction tools that do more than alert them; they need a system that helps them evolve from alert responders into alert hunters. SOCTRAQ is a heads-up display for security operations centers that gives analysts directed focus, helping them find the needle-in-a-haystack threats in the sea of SIEM data. It clarifies and focuses your analysts' attention with real-time threat plots and dynamic motion displays. SOCTRAQ is the next generation of threat detection and interdiction, and it is ready today.



Features & Benefits


  • ➤ Dynamic Alert Visualization

  • The approach SOCTraq takes to displaying received alerts is similar to that of an air traffic control interface. SOCTraq incorporates a visual element of “movement” to support active identification of advanced threats.

  • ➤ Graphic Depiction of Threat-Chain

  • SOCTraq compiles disparate alerts and events into an identifiable threat chain and graphically depicts the events and how their linkage could result in a compromise or breach.

  • ➤ Autonomous Countermeasures

  • SOCTraq includes both a rules engine and an escalation engine for “recommended actions” and “countermeasures”, as well as case management automation for tracking and managing incidents.

  • ➤ Adaptive Machine Learning

  • Identify faster, respond smarter, and monitor continuously across multiple domains.

  • ➤ Actionable Threat Intelligence

  • Alerts are designated into one of four categories: Informational, Suspect, Configuration Management, and Critical.



Integrated Management System


Incidents are tracked in SOCTRAQ's integrated management system. Follow the steps of an Incident from Identification to Resolution.

Capture & Record

  • Associate Case to Targeted Object

  • Record Details of Case

  • Capture Actions

  • Classify/Determine Potential Impact

Investigate

  • Understand behavior pre/post security incident

  • Correlate & Link Data Elements

  • Coordinate & Collaborate with Incident Team

Eradicate & Recover

  • Respond to Incident

  • Take Corrective Action(s)

  • Determine if custom signatures are needed to deter future attacks

Communicate & Close

  • Communicate Findings with Stakeholders

  • Lessons Learned

  • Produce and Analyze Metrics

  • Dashboard Creation



SOCTRAQ provides real-time automated threat detection to improve team productivity.

SOCTRAQ Mobile HUD for Android


CyForce has developed the industry’s first mobile heads-up display (HUD) that allows Security Operations Center analysts to take the SOC with them for those times when they can’t be at their desks. The SOCTRAQ Mobile HUD application for the Android platform provides you with:

  • Secure, real-time SOCTRAQ “Threat Domain” alerts

  • Full trending and alert characterization reporting

  • Interactive case management visibility and workflow


