DREM SOC ˚360

Organization monitoring service against cyber threats

About Us

The company Secterious (Eitan Freimovich and Rony Atias) and the company ShvoIT (Moshe Shvo) used their extensive experience as CISOs and penetration testers for a wide range of organizations to develop a managed and innovative SIEM SOC service. This service, designed specifically for small and medium-sized businesses, is based on strong open source technologies and is tailored to meet the unique security needs of each customer.

Our team, which boasts over 20 years of experience in cyber security and digital investigations, is made up of leading experts trained in leading cyber security companies and the IDF's elite cyber units. We operate according to a customized methodology, which provides a response not only to the immediate needs of your organization but also prepares him to proactively deal with future threats.

Understanding that the field of cyber security is constantly evolving, we undertake to keep our services updated according to the latest technological advances, to provide maximum protection for your organization.

By combining innovation, deep expertise and a personalized approach, we provide comprehensive solutions for security incident management. Our mission is to strengthen your organization's capabilities in detecting, responding to and preventing cyber attacks, and to ensure its stability in the face of evolving threats.

Why we are experts for small and medium businesses

01

Economic optimization and cost maximization:

Reducing costs and improving security capabilities.

02

Expansion of the information security team:

Promotes the ability to deal with threats in a more efficient and stable and timely manner.

03

Current recommendations and indicators:

Provides useful intelligence and indicators to protect against potential attackers.

04

Available personnel and 24/7 SOC management:

Facilitates threat management and detection through an advanced SIEM system. When a cyber team is trained and available to you 24 hours a day

Why we are experts for small and medium businesses

05

Advanced threat monitoring system:

An advanced monitoring system that identifies and handles threats actively and proactively.

06

Professional intervention team (IR):

A professional and fast response team to cyber incidents and security losses.

07

Automatic vulnerability management:

Provides automatic vulnerability management that enables quick and efficient response to incidents.

08

Personal service

Accompanies and adapts the service to the organization's needs.

To coordinate the presentation of the service platform
MITER ATT&CK

The MITRE ATT&CK Matrix is a modular infrastructure that presents a wide set of attacking techniques used to achieve predefined objectives.

The tactics are classified by objectives in a matrix, which shows the process of an
attack from the starting point to the final effect.

The extended version of MITRE ATT&CK for Enterprise addresses many environments, including Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS, Network, and Containers. The various tactics in which the attacks listed in MITRE ATT&CK can be used can be spear phishing, command and control, and credential dumping.

MITRE ATT&CK היא תשתית מודולרית המציגה סט רחב של טכניקות תקיפה המשמשות להשגתיעדים מוגדרים מראש.

הטקטיקות מסווגות לפי יעדים במטריצה, המציגה את תהליך ההתקפה מנקודת ההתחלה ועד האפקט הסופי.

הגרסה המורחבת של MITRE ATT&CK לארגונים נותנת מענה לסביבות רבות כגון:

Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS,

Network, Containers
הטקטיקות השונות בהן ניתן להשתמש בהתקפות המפורטות ב- MITER ATT&CK יכולות להיות:

spear phishing, command and control, and credential dumping

Reconnaissance

Gathering information about the target for planning future operations

Resource Development

 Establishment of resources to support operations, which includes the establishment of a command and control infrastructure

Initial access

An attempt to enter the network, such as phishing

Execution

Running malicious code, such as running a remote access tool

Persistence

Changing formations and maintaining the foothold of the attackers

Escalation of privileges (Privilege Escalation)

an attempt to obtain privileges at a higher level

06

Escalation of privileges (Privilege Escalation)

an attempt to obtain privileges at a higher level

07

Defense Evasion

The use of trusted processes to hide malware

08

Access to credentials (Credential Access)

Stealing identical data and account passwords

09

Discovery

investigation and perception of the opponents' environment

10

investigation and perception of the opponents' environment

Using normal credentials to move between systems

11

Collection

Access and collection of relevant data for the purpose of an attack

12

Command and Control

Communication with affected systems for the purpose of control

13

Exfiltration

Stealing data from the affected network

14

Impact

Activation, disruption or destruction of systems and data

About the DREM SOC solution

An advanced and unified enterprise SIEM monitoring platform provides a comprehensive solution for persistent cyber threats and end-to-end hardening of enterprise systems.

The system is suitable for local, cloud and hybrid environments and guarantees comprehensive protection in the field of information security.

Especially in light of the transition to a routine of war, these areas are being re-invigorated due to the new challenges that include new attacks, vulnerabilities and weaknesses that are published daily.

This is a critical component that allows the organization to continue to function in a continuous business manner, when the SIEM platform supports a SOC system that operates 24/7 by the talented analysts working in a FLAT TIER configuration (also know how to identify and operate) even in emergency situations.

DREM Hybrid Cloud Observability is a modular, scalable and easy-to-implement system that provides full monitoring of all the organization's infrastructure – endpoints, servers, switches, storage arrays, existing security solutions, Office 365 and more.
DREM's monitoring platform provides advanced control capabilities, smart monitors, hardening and anomaly detection, and enables proactive detection of attack attempts or cyber incidents at all layers of the organization's network.

"The proactive threat detection and vulnerability management from DREM SOC have saved us from potential disasters multiple times. Their service is top-notch."
Rachel P.
"With DREM SOC, we no longer worry about staying ahead of cyber threats. Their hybrid cloud observability platform and expert support are truly exceptional."
Emily K.
"Thanks to DREM SOC’s advanced SIEM platform, we’ve been able to streamline costs while enhancing our security posture. The team’s expertise is evident in every interaction."
Michael B.
"The tailored services and 24/7 SOC management by DREM have given us peace of mind and confidence in our security measures. We’re glad we chose them!"
Joshua T.
"DREM SOC has revolutionized how we approach cybersecurity. Their 24/7 monitoring and tailored solutions have made our business more secure than ever. We highly recommend them!"
Sarah L.
"DREM SOC has been a critical partner in strengthening our organization’s cyber defenses. Their professional intervention team provides unmatched response times."
Daniel W.

© Copyright 2024, DREM. All rights reserved

דילוג לתוכן