The approach SOCTraq takes to displaying received alerts is similar to that of an air traffic control interface. SOCTraq incorporates a visual element of “movement” to support active identification of advanced threats.
SOCTraq compiles disparate alerts/events into an identifiable threat chain and graphically depicts the events and how their linkage could result in a compromise or breach.
SOCTraq includes a rules and escalation engine for “recommended actions” and “countermeasures”, as well as case management automation for tracking and managing incidents.
Identify faster, respond smarter, and monitor continuously across multiple domains.
Alerts are separated by designation into one of four categories: Informational, Suspect, Configuration Management, and Critical.