LEO's Intelligence Enabled Next Gen SOC
Functional Components Description
Leonardo’s Next Generation Security Operation Center (NextGen SOC) provides a significant range of Managed Security Services to large and critical organization.
Currently, the security services portfolio is composed of a full range of service in the phases of Prediction, Prevention, Proaction and Reaction.
The predictive capabilities of Leonardo’s NextGen SOC are significantly enhanced by the Leonardo’sThreat Intelligence solutions with services proactively targeting the detection of cyber threats, the management of vulnerabilities and the response to security incidents.
Leonardo’s Threat Intelligence Solutions include systems and services based on the monitoring and analysis of large amounts of open source data, deep and dark web, aimed at detecting cyber attacks being prepared and information illegally stolen and published on the web. The solution also provides a comprehensive overview on brand or event sentiment, and the prevention of cyber frauds carried out through the Internet
Since the human factor is essential, even though edge technologies such as artificial intelligence are used to enhance research and highlight deductions, new links and information, Leonardo’s analysts team operates through the Intelligence Operation Center supported by next generation SOCs.
The system processes information and data through an end-to-end flow ranging from the collection of open sources information (OSINT), to the building of a knowledge base to carry out analysis and reasoning.
Both artificial intelligence techniques and a big data analytics engine are used for the purpose.
Predictive Identify the threat before it can became a problem for customer security (IOC)
Preventive Identify the customer security problem before it can became a security incident (RTSM _ SDM)
Proactive Identify the security incident and activate all necessary processes (RTSM – SSM)
Reactive Reacts to the security incident by performing all necessary actions (CSIRT)
Security operation center, dynamic risk assessment
Predictive: Identify the threat before it can become a problem for customer security (IOC)
Preventive: Identify the customer security problem before it can become a security incident (RTSM _ SDM)
Proactive: Identify the security incident and activate all necessary processes (RTSM – SSM)
Reactive: Reacts to the security incident by performing all necessary actions (CSIRT)
HPC: 500 TFlops High performance computing resources elaborating 500,000 bln operations every second.