Large companies use a multitude of security solutions to protect their IT systems against external and internal threats. However, a holistic view of the information collected by the various security solutions is often missing. As a result, responding to IT security incidents is often a lengthy process, because relevant data has to be collected and correlated manually before an incident can be fully evaluated and the next steps can be planned.
The goal of the SOC-Toolkit project is to significantly reduce response times to security incidents and to provide security analysts with a holistic view of security incidents by automatically enriching and linking existing data from different security solutions. Faster containment of incidents minimizes the extent of potential damage, and the extensive automation of previously manual activities frees valuable employee resources for other purposes.
Runtime: 01.07.2020 – 30.06.2022
Partner: Nextpart Security Intelligence GmbH
Funding: Austrian Research Promotion Agency (FFG) – General Programme