Fortis by Sentinel SOC Team

Additional Info

Job title of nominated professional (or team name): SOC Team
Company (where nominated professional or team is working): Fortis by Sentinel
Website: https://www.fortisbysentinel.com/
Company size (employees): 500 to 999
Country: United States
Headquarters Region: North America

Overview

The Fortis by Sentinel Security Operations Center (SOC) team closely monitors the network and related infrastructure of organizations 24x7x365 to help prevent, detect, and eliminate both external and internal threats as they emerge. People, process, and technology work together in the Fortis SOC to ensure organizations remain protected at all times. When customers sign up for SOC services, the Fortis team takes an active role in keeping their company safe. That includes monitoring across their entire network, including every user and device, whether it is a phone, laptop, tablet, or Internet of Things (IoT) object.

The Fortis SOC team enables businesses to build a strong threat protection strategy and architecture based on a comprehensive portfolio of signature, behavioral, and heuristic security technologies. Real-time traffic feeds combined with threat intelligence from the Fortis Threat Exchange (FTE), Security Information and Event Management (SIEM), and regular assessments allow the SOC team to send notifications and open a service ticket/case the moment an alarm is triggered. From there, Fortis security analysts are available to assist with the identification, investigation, and guided remediation of the threat. On-demand triage services are also available in a remote or on-site capacity.

Accomplishments

• The SOC team helps run Fortis Threat Exchange (FTE), which functions as an additional layer of security integration and automation based on intelligence trends gathered from security customers. FTE is always learning: the more customers Fortis has, the more visibility and insight it is able to incorporate into FTE. When combined with the Fortis intrusion detection sensor (IDS), it delivers heightened visibility, multiple points of detection, and additional capabilities beyond what most managed security offerings can provide. Additional IT infrastructure, cloud, and data sources are regularly added to the extensive list of Fortis-supported plugins.

• Security Information and Event Management (SIEM) provides advanced threat detection, analysis, monitoring, incident management, and visibility into the customer's systems, network, and applications. SIEM is delivered from Sentinel's CloudSelect® platform and adheres to strict multi-tenancy security best practices as well as regular third-party audits to ensure optimal performance. Using SIEM in conjunction with FTE, Fortis SOC analysts are able to hunt, alert, notify, investigate, and remediate security threats very rapidly, ensuring Fortis subscribers can respond as quickly as possible to protect their most critical digital assets. SIEM data is dynamically updated to include up-to-the-minute threats along with custom correlation algorithms that capture and interpret security data across the environment.

• Highly certified experts from the Fortis SOC team offer comprehensive diagnostic evaluations of a customer's security operations to determine whether the infrastructure, applications, and endpoints are correctly configured and implemented in ways that minimize risk and align with the organization's security policies. Fortis stays current with security trends and the ever-evolving threat landscape, looking for weaknesses or gaps in coverage, misconfigurations or delays in patching, as well as any areas that fail to meet compliance requirements. The team then provides guidance on improvements and remediation of the customer's environment.