Capabilities of existing controls against industry benchmarks and advisory
Development of roadmaps to enhance existing controls effectiveness, planning for new controls, enhancements to incident response capabilities, etc.
Mapping to business requirements and measurement of the SOC function, build of standard operating procedures, mapping of SLAs to SOC capabilities and business expectations, etc.
Agnostic review of SIEM market, mapping of SIEM / MSS capabilities to business expectations and SLAs, etc.
Agnostic review of EDR market, mapping of ERD / MDR capabilities to business expectations and SLAs, review of EDR capabilities against incident response expectations, etc.
Automation planning, response capabilities matrix development, road mapping of SOAR capabilities and development of “quick wins”.