The service that ensures the all-round security of your business
The Var Group Digital Security division’s eXtended Security Operation Centre (XSOC) is one of the most advanced tools in Italy for protection against IT risks and threats. Thanks to 24/7/365 active monitoring of systems, and the protection of two teams of cyber and network security experts, the Var Group Digital Security division guarantees an effective response to attacks against small, medium and large companies. Every day, companies of different sizes and sectors are subjected to cyber-attacks which jeopardise their technological, IT and security assets in the space of seconds. Complete and effective defence against this requires a well-defined strategy constructed alongside the client. Our approach to cyber and network security provides for in-depth analysis of the assets to protect and a clear, precise definition of the interventions required in the event of threats.
The digital transformation has increased the attack surface, while cyber-attacks continue to grow more and more advanced. Providing sufficient protection for your business represents a strategic choice even before it becomes a necessity.
The service, also provided in as-a-service and pay-per-use mode, meets the requirements of companies of all sizes and sectors, and is designed in particular for companies operating in contexts where rigorous data confidentiality is required, as well as organisations which must guarantee business continuity (home banking, e-commerce, logistics platforms…). Our clients are spread over all business sectors: automotive, transport, energy, fashion, banking and finance, food and beverage, gaming, healthcare, hospitality, critical infrastructure, industry and manufacturing, technology.
Two synchronised teams. An impeccable service.
XSOC provides complete monitoring of company infrastructures to ensure their security and continuity of operation. The SOC team’s analysts deliver an effective response to cyber-attacks, identifying threats from the very first signs and managing an organic response involving security and networking (NOC) experts. The combination of these highly specialised skills generates benefits by providing a fast, visible, proactive response and guaranteeing a high-quality service.
MONITOR, ANALYSE AND INTERVENE TO PROTECT ASSETS
The XSOC service detects threats which could jeopardise business continuity and security of assets from the very first signs and combats the dangers involved through pre-agreed procedures: either remediation activity by Var Group Digital Security or simply a notification to the client’s IT Security team.
We proactively monitor, 24/7, the security and reliability status of your infrastructure with the support of behavioural analysis tools and technologies able to detect anomalous behaviour within the monitored perimeter, or even faint signs of a possible malfunction of internal assets. The context of the monitored perimeter is further enriched by incorporating Threat Intelligence information from our most active partnerships with the most important Italian and international CERTs.
We analyse the events picked out by the monitoring tools to identify anomalous behaviour and activities, ruling out false positives and irrelevant events, with the aid of automation platforms which simplify event prioritisation, reducing response time.
DEEP ANALYSIS &
We conduct in-depth analysis on advanced threats, current impairments and widespread malfunctions of the company network, using a team of experts in malware analysis, forensic analysis and combating phishing in the security area, and personnel specialised in enterprise and edge networking for the network monitoring side. These activities allow the root cause to be identified, before eradication, remediation and restoration of normal operation.
We create a playbook which is shared with the client to implement specific and customisable procedures if security incidents or events, or blocking problems arising from network malfunctions, are detected. When required, the CERT can be activated in order to provide support, either remote or on-site, to manage and respond to the incidents detected. Support is provided both while the incident is in progress and in the subsequent phases of Lessons Learned and implementation of the remediation procedures.