Solutions By Design – SOC Team of the Year

Additional Info

Job title of nominated professional (or team name): Security Operations Team
Company (where nominated professional or team is working): DHS USCIS
Website: http://www.SBD2.com
Company size (employees): 100 to 499
Country: United States
Headquarters Region: North America

Overview

Solutions by Design II (SBD) has extensive Security Operations Center (SOC) experience and expertise in support, incident response, vulnerability management, digital forensics, Agile DevSecOps, security monitoring and security planning, as well as security architecture, design, and engineering capabilities. Since 2013, SBD has been providing and maturing our SOC offerings using an ITIL Service Portfolio approach, allowing us to focus on the very specific needs of our clients while innovating and adjusting these services over time. This has also allowed us to focus diligently on improving and maturing key tasks and functions of a SOC, rather than maintaining the status quo. Services include:

• Incident Response: SBD performs incident response for over 35,000 users working at over 223 offices across the world. SOAR, the key to our incident response solution, has led to cost savings of over $9 million. Our team receives over 100,000 alerts per year; however, SOAR automation filters out over 90% of these, leaving our analysts free to focus their time on priority incident detection.
• Big Data for Vulnerability Management: Our Big Data approach ingests 400GB+/day while monitoring cyber-security events across 55,000+ host devices. SBD is currently performing 5 million+ weekly scans and 1 million monthly virus scans, resulting in over 5,800 handled malware events. Leveraging this information gives our clients a better picture of the threats and security risks they face.
• Insider Threat/Behavior Analytics: SBD built out a user monitoring solution that targets high-risk users while still meeting privacy considerations. This is focused on leveraging behavioral analytics instead of a “boil the ocean” approach.
• Cyber Threat Intelligence: SBD performs Cyber Threat Intelligence by reviewing a variety of intel sources to provide actionable threat intelligence to our Cyber Defense Teams. Our support includes the implementation of user monitoring COTS products, alerting and notification, customizing scripts for automated actions, forensics, and investigation support.


Accomplishments

- Our approach to evolving SOAR led to our client tasking us with three high-priority projects: 1) continued automation of cybersecurity incident response, 2) integration of security tools into a SOAR platform, and 3) the development and integration of cyber threat intelligence to take proactive action. SBD’s approach provided the following results: performed 1,908,662 automations, created 55,338 records, saved 111,720 man-hours, and delivered an ROI of $9,247,165.


- SBD was an early adopter of Security Orchestration, Automation and Response (SOAR) and has implemented an “automate everything” approach. This has resulted in SBD automating 90% of Tier 1 activities, resulting in over $9 million in cost savings for our clients. Beyond the cost savings, this has improved response time and provided better situational awareness to our clients’ decision makers.


- Through Cyber Threat Intelligence, SBD has been able to automate IOC ingestion, providing a feedback loop of threat information in both directions (internal to external and external to internal) that gives a more relevant and deeper understanding of the risks facing our clients. This has improved our understanding of risks and their overall impact on the mission, and allowed us to take more informed mitigating actions more quickly.