The solution is available in managed, co-managed (hybrid) or bespoke mode.
- Monitor managed infrastructure
- Boost threat detection via advanced analytics
- Minimize false positives via industry-leading intelligence
Technology, expertise and threat intelligence
Security Event Intelligence is based on three modular components: the technical platform that collects, analyzes and correlates events (SIEM), the basis for threat detection that powers the technical platform, and the CyberSOC approach to manage and react to security alerts.
Detection basis
Benefit from a choice of detection mechanisms
- Standard: global monitoring based on the Orange Cyberdefense proprietary threat intelligence database, aggregating public and private feeds from 500+ sources, including weak attack signals from our global Internet backbone
- Bespoke: advanced options for a customized solution
  - Targeted monitoring of threats to your business based on system criticality and your specific vulnerability context
  - Detection of zero-day attacks via user behavior analytics, network traffic and behavior analytics powered by Artificial Intelligence and Machine Learning technologies
  - Improved response effectiveness via security orchestration and automation solutions
Alert management
Incremental service levels to suit your needs
- Online alert reports: manage alerts generated by the platform via our user-friendly web interface
- Analysis of the month’s alerts and macro action plan: understand incident trends and increase your cyber resilience with expert advice on an ongoing basis
- Qualification of alerts in real time: actual alert or false positive? Ensure your teams focus their time on actual security incidents with 24/7 monitoring from our CyberSOC
- Detailed analysis of alerts and action plan per incident: maximize your response effectiveness with comprehensive incident analysis and actionable recommendations
Technical platform
Choose from a range of platform options
- Shared: cloud-based public platform hosted at Orange data centers
- Dedicated: fully customized platform hosted on our premises or yours
- Dedicated PDIS: an advanced platform for operators of essential services
- We can also provide a managed service based on your existing SIEM platform
Support by our CyberSOC experts
Our four Orange Cyberdefense CyberSOCs pool cybersecurity expertise from across the globe. That means you'll benefit from our experience safeguarding over 720 multinational customers, including the Orange Group.
correlated security events per day
qualified security incidents managed per month
Our dedicated Security Managers advise you on the outcomes of the monitoring service provided, identifying actions and solutions to continuously improve your cyber resilience.
Real-time threat intelligence
Orange Cyberdefense collects information on cyberthreats from public and private sources worldwide. Additionally, as a network operator, we have visibility of the first signs of attack. This information is verified and correlated in real-time against security logs to minimize false positives, thoroughly qualify incidents and ensure you do not miss real threats.
Our proprietary threat intelligence at a glance:
malwares
entries
sources
direct flows from our Epidemiology Lab, Next-Gen sandbox, Network Backbone and public email in-boxes (APT)
Expert managed detection and reaction
In addition to Security Event Intelligence, you may consider our Computer Security Incident Response and other threat intelligence services to complete your threat management measures. Our Security Response team offers fast support on-site or remotely in the event of a security breach. Our experts will support you throughout all phases to contain and remediate threats according to agreed SLAs, orchestrating the remediation process together with your teams and other partners. We can also support you after an incident with digital forensics, post-mortem investigations, e-discovery and evidence preservation services to support legal action. Our expert teams can undertake threat hunting on latent intrusions, disrupting current threats and enhancing security measures against future ones.
Benefit from a range of other threat intelligence services from our cyber surveillance experts, including:
- Digital asset surveillance: Internet footprinting, website monitoring, blacklist monitoring
- Fraud prevention: domain name monitoring and take down, phishing detection and take down, malware detection and analysis, mobile app store monitoring
- Cyber content surveillance: data misuse/contraband, sector and targeted threat monitoring, brand monitoring