A small medium Enterprise with both onsite applications and cloud based SaaS applications as well as internet connections is requiring a security operations solution. In order to mitigate the Capex investment of building their own SoC - they have decided to use Fortinet’s SoC-as-a-Service. On top of this, they have decided to use FortiAnalyzers advanced features of SIEM connector to also have at least some visibility through dashboards and event correlation to act as a secondary pair of eyes into any potential security threats.
In order to reduce Capex investment into advanced SecOps infrastructure, customer prefers to use a combination of outsource SoC-as-a-Service & their own tool sets.
Fortinet SecOps FortiAnalyzer offers a rich set of additional features including FortiSIEM connectors, & playbooks to allow for advanced reports and logging correlations as well as incident management reporting.
The customer’s security analyst can now flag any immediate high level issues to the Fortinet Soc-as-a-Service and vice versa for a double correlation of potential threat mitigation, The Fortinet SoC-as-a-Service will allow for pro-active threat hunting to potentially catch zero day threats and look at the overall threat landscape and dark web for any unusual patterns or activity. The customer’s analysts and own tools allow focus on more specific and targetted threat vectors.
