Does Defendeer SOC have access to our sensitive Data?
Most security solutions generate alerts in the form of log data or specific information which will be centralized and then consumed for the SIEM (Security Information and Event Management). The data might consist of sensitive information such as employee data (user ID), company IP addresses or event data subject data (like customer information), etc.
Defendeer is anonymizing these data sets before transferring the data to the centralized SOC database using data masking or encryption. This ensures that for the daily business in our SOC no real data is disclosed and no additional source containing sensitive data is created outside of your control for the notification process to provide the required information to the customer, Defendeer is decrypting the data, so the receiver is able to read, and act based on the real internal data. For Cyber Threats Response services, it might be necessary to dynamically decrypt the data to the Security Defense Analyst for the predefined actions.