Security Operation Center (SOC) - Managed services and co-sourcing

Cyber security hub for companies based in EMEA

Global organisations should carefully improve their cyber resilience and plan their security strategy, risk reduction and crisis recovery to protect their assets and reputation. They need to move security operations to the next generation: cloud-enabled, automated, AI-powered and integrated with digital transformation.

We provide managed and co-sourced Security Operations Center (SOC) services through flexible partnerships with boards and close cooperation with company security teams.

Our SOC services are always tailored to company-specific needs and delivered remotely or on company premises.

PwC's approach to the Security Operation Center is based on the concept of connected execution. Our team of cyber experts from Poland, Czech Republic, Hungary, Romania, Bulgaria, Latvia, Estonia, and others in CEE uses advanced technology (cloud-native security analytics, automation and threat intelligence) to provide professional security operations to any organisation regardless of its location.

Each team has its own specialization, and these can be quickly combined to deliver world-class cybersecurity services that are tailored to the specific needs of the enterprise, consistent across geographies, and backed by local presence whenever needed.

The PwC team in the CEE region, 200+ professionals, works together with other PwC Cyber competence centres, including digital identity teams in the Netherlands, Germany and Denmark, a threat intel and incident response team in the UK, and the OT/IoT security experience centre in Israel, as well as with leading security technology partners.

 

The PwC team has been recognised by Forrester Wave as the No. 1 provider in Europe for its ability to blend technical skill with executive-level communication to help local and global organisations with security operations.*

* Source: Forrester Research, The Forrester Wave™: European Cybersecurity Consulting Providers, Q4 2019, The 15 Providers That Matter Most And How They Stack Up

 

Benefit from connected expertise of Security Operation Center (SOC) professionals

Protect your IT and OT infrastructure against malicious actors

  • Identify vulnerabilities leading to data breaches
  • Detect and respond to cybersecurity incidents
  • Ensure that cybersecurity tools are healthy and used in an efficient and cost-effective way
  • Proactively discover ongoing breaches and be prepared for major incidents
  • Efficiently manage identification and remediation of vulnerabilities and security exceptions for them
  • Prepare well to successfully manage a malware crisis
  • Secure operational technology at the same or better level than the IT environment
  • Develop and adapt detection mechanisms to emerging threats and improve incident response
  • Keep the information assets well protected in an ever-changing IT environment

How can we help you?

Security Operation Center services

Red-team and purple team

Our top-of-the-line pentesting team, working with industry-wide frameworks such as OWASP, ATT&CK and others and drawing on blue team experience, will deliver best-in-class services covering:

  • STRIKE - cyber-physical hacking
  • Purple team - testing of the SOC's resilience to real-world attacks and help with improving the SOC's detection capabilities

Blue team (SOC operations)

We deliver SOC services in managed or co-sourcing model:

  • L1, L2, L3 security analysts
  • Incident detection, analysis and response
  • Use case development
  • Reporting and dashboarding for cyber risks management
  • Knowledge retention and service improvements

DevOps for security platforms

We support leading SIEM, EDR, VS, and SOAR platforms. 

  • Implementations of security platforms
  • L1, L2, L3 engineers for platforms
  • Daily maintenance and health checks
  • Upgrades, performance and capacity management
  • Assets onboarding, new integrations, feature improvements and tuning

Proactive and reactive incident response

We advise on the cyber risk profile from a business risk perspective, help you prepare, and either proactively look for compromise and threats within the organization or provide expert support in case an incident happens:

  • Threat landscape analysis and threat modelling
  • Incident response plan preparation, crisis simulations
  • Compromise discovery, threat hunting
  • Incident response retainer services

Vulnerability management

We support leading vulnerability scanning platforms. 

  • L1, L2 vulnerability analysts
  • Performing regular scans, reporting the results to appropriate remediation teams
  • Exception management
  • Escalations

Malware resilience and recovery

We utilize our offensive and defensive skills to bring the full picture of malware risks and to help recover afterwards.

  • Testing of malware resilience by using malware-like yet benign software 
  • Review of overall security architecture responsible for malware defence and recovery 
  • Independent, at-scale analysis of files restored after infection to ensure security after incident

Operational Technology Security

We provide our services not only in the context of IT infrastructure and applications but also for industrial systems, as OT requires a special approach to red teaming, SOC operations, vulnerability management, malware and incident response.

We assess the security of operational technology, provide security monitoring technologies tailored to the OT world, and provide top-of-the-line expertise in both cyber and industrial control systems.

Contact us

Piotr Urban


Partner, Cybersecurity & Privacy CEE Leader, PwC Poland, PwC Central and Eastern Europe

Tel: +48 502 184 157

Tomasz Sawiak


Director, PwC Poland

Tel: +48 519 504 234

Szymon Sobczyk


Director, PwC Poland

Tel: +48 519 504 525
