Applied Intelligence, a subsidiary of BAE Systems (a Top 200 MSSP), has launched SOC.OS, a company that helps internal security teams manage alerts produced by threat protection and detection tools. SOC.OS has also secured £2 million (nearly $2.3 million) in funding from venture capital firms Hoxton Ventures and Speedinvest.
SOC.OS continuously analyzes, triages and prioritizes security alerts and escalates the most important incidents to IT security teams, according to Applied Intelligence. It is led by CEO Dave Mareels, who joined BAE Systems in 2017.
How Does the SOC.OS Platform Work?
The SOC.OS platform leverages a serverless cloud-based architecture, the company said. It enables organizations to deploy a lightweight syslog forwarder across their IT environments to collect and forward security alerts from their security tools to the SOC.OS platform.
Furthermore, the SOC.OS platform uses threat intelligence to enrich security alerts and groups these alerts into clusters, the company stated. Each cluster includes up to 5,000 alerts, and a list of all clusters is provided to security analysts.
SOC.OS security alert clusters are also visualized, the company indicated. This helps security analysts identify the MITRE ATT&CK threat type, incident timeline and entities involved.
What Are the Benefits of the SOC.OS Platform?
Organizations can leverage the SOC.OS platform to reduce security alert triage volume by more than 90 percent, according to the company. They can use the platform's dashboards and reports to evaluate the performance of different security tools, improve threat visibility and reduce mean time to respond to cyber incidents.
The SOC.OS platform is now available, and it can be used in combination with various cloud and on-premises tools. SOC.OS is also developing integrations with new security devices.