Cybersecurity with the help of surveillance centres (SOC) and artificial intelligence (AI)

Surveillance centres are gaining more and more attention and importance in the field of cybersecurity. In the IcyBear project, customers can use data center user consoles. It is a 24/7 SOC (Security Operations Center) monitoring service with MDR (Managed Detection and Response) and a SIEM solution for monitoring and managing corporate IT infrastructure. "The data collected from the customer is evaluated in a specific context by artificial intelligence. This allows us to quickly see high-priority security incidents that need to be analyzed and addressed. Based on this information, our experts will verify whether it is the work of the user and nothing is at risk, or whether it is an incipient, more advanced attack," says Martin Listopad, IcyBear project director.

The connection with AI is very effective. Artificial intelligence puts all incidents in context, allowing the monitoring centre to detect a potential risk of attack much faster than if it only had a mass of logs to search and analyse. "The way it works is that our operator receives information and commands - there's dangerous activity running here that threatens our most important assets. It automatically triggers an intervention to block the malicious processes and the system issues a report on what needs to be addressed. This allows us to detect and evaluate up to 50 incidents. This intelligent defence is working today and will continue to evolve. It gives us a head start on conventional antivirus programs and our customers a head start on the competition," explains Martin Listopad.

An extensive article in the CFOworld magazine about the functioning of monitoring centres in the Czech Republic
