
ITrust Security Operating Center (SOC) - Datasheet EN


ITrust has created the ideal arrangement for overseeing the security level of your IT infrastructure (in accordance with HDS or equivalent highly restrictive standards), through its own SOC. Thanks to its SOC, ITrust offers you the possibility of setting up a centralized log management system, completely integrated with existing infrastructures. A high level of effectiveness where tracking and log integration devices are concerned is what our clients can expect.

UNIQUE POSITIONING:

§ Managed
§ Market leader
§ Quality / Added-value
§ Scalable / flexible
§ Recognized expertise
§ Among the global leaders of proactive detection

MANAGED SOC BENEFITS:

§ Expert team at your disposal,
§ Simplified cybersecurity management,
§ Scalability and integrated updates,
§ High reactivity,
§ Cost optimization.

PRIZES & LABELS:

OVERVIEW

The SOC (Security Operating Center) proposed by ITrust aims to supervise the security level of your organization (or a specific isolated part within your infrastructure). This enables you to focus on your core activity by entrusting the cybersecurity of your information system to IT professionals. Our SOC achieves real-time supervision and enables:

§ The real-time analysis, storage and activity monitoring on your IS,
§ The real-time installation, operation and administration of your equipment.

This security operating center allows you to perfect your cybersecurity, while also ensuring the availability of your services, at an optimal cost and in accordance with existing regulations. ITrust offers you an ideal customizable security approach in dealing with cyber-incidents, designed to:

1. Prevent

§ Continuous vulnerability management,
§ Organizational and system audits,
§ Collaborator training on cyber-awareness.

2. Detect

§ Surveillance, detection, alerting and reporting functions,
§ Unknown threat detection.

3. Respond

§ Quick response,
§ 24/7/365 service,
§ Analysis and investigation,
§ Improvement recommendations.

4. Ensure risk control and compliance

§ Legal: CNIL, Bale, SOX, RGS, LPM, HADS, OIV, HIPAA;
§ Health-centered: Personal or Protected Health Information, RGS, HADS;
§ Standards: 27001.


SECURITY OPERATION CENTER


NEXT-GEN SOC OFFER

The SOC offered by ITrust relies on: innovative PRODUCTS, excellence-driven EXPERTISE & proven PROCESSES.

PRODUCTS

1. IKare

IKare is a vulnerability management solution that enables you to detect in real time the vulnerabilities of your IS, web applications and websites. IKare automates the implementation of security best practices. This increases your security level by 90%; the tool reinforces the effectiveness of an antivirus or of a firewall.

SOLUTION ARCHITECTURE

2. SIEM

SIEM (Security Information and Event Management) is a solution that enables you to continuously manage and correlate logs. Reveelium can be easily combined with an existing SIEM, going beyond the simple analysis of logs.

3. Reveelium

Reveelium is a behavior analysis solution, among the global leaders in its field, that enables you to detect viruses, APTs (advanced persistent threats) and other unknown threats. Reveelium was developed in order to provide organizations with an expert anomaly detection system. This system is based on intelligent algorithms, developed by ITrust over the last 7 years, with the support of 3 international laboratories.

4. Dashboard

Our automated customizable dashboard summarizes field information in real time, with the help of IKare Monitoring, and allows you to cross-check the assets, vulnerabilities and threats within your organization, with the aim of establishing your risk level day after day.

5. Back Office

The Back Office of ITrust includes all support, monitoring & administrative activities. Our back office helps you achieve a refined security management, providing you with ticketing, workflow, alerting and Darknet monitoring.



3. Reveelium

Anomaly Detection, Weak Signal Analysis:

§ APT, virus and unknown attacks detection,
§ Abnormal behavior discovery within your IS,
§ Data loss or data extraction avoidance,
§ Prevention of IT resources depletion,
§ Automatic alerts,
§ Recommendations,
§ Correction plan.

Managed:

§ Analysis issued by an expert engineer,
§ Service intervention in chip-mode if necessary.

SOLUTION ARCHITECTURE

4. Dashboard

Risk Management, in Accordance with a System of Reference:

§ Security policy implementation and follow-up,
§ Vulnerability and threat inventory,
§ Auditing for policy compliance,
§ Assistance in achieving full compliance.

Managed:

§ Analysis issued by an expert engineer,
§ Service intervention in chip-mode if necessary.

1. IKare

Vulnerability Monitoring:

§ Continuous vulnerability discovery,
§ Trending,
§ Automatic alerts,
§ Security monitoring,
§ Potential risk areas detection,
§ Recommendations,
§ App security,
§ Detailed inventory of critical and non-critical vulnerabilities,
§ Critical vulnerability correction plan.

Managed:

§ Alert and vulnerability study conducted manually,
§ Analysis issued by an expert engineer,
§ Operating team available for contact,
§ Crisis management follow-up,
§ Escalation of non-processed critical alerts,
§ Service intervention in chip-mode* if necessary.

*Depending on the service ticket opted for, you may benefit from a certain number of service chips.

2. SIEM

Log Correlation:

§ Intelligent log correlation,
§ Automated analysis consolidation,
§ Security events and log data archive,
§ Real-time anomaly alerting (before they can impact the network),
§ Accelerated launch of security investigations,
§ Intrusion detection,
§ Simplified compliance with official regulations,
§ 7-year legal data archive (optional).

Managed:

§ Analysis issued by an expert engineer,
§ Operating team available for contact,
§ Escalation of non-processed critical alerts,
§ Service intervention in chip-mode if necessary.

5. Back Office

§ Ticketing
§ Workflow
§ Alerting
§ Darknet Monitoring


PROCESSES

DELIVERY MODELS

Our SOC can be delivered:

§ On Premise (on-site)
§ In SaaS mode (on demand)
§ Managed (MSSP) by ITrust teams

EXPERTISE

Our SOC team is comprised of highly-qualified experts. These professionals define and implement processes and procedures, with the aim of preparing you for the potential threats to your information system and achieving security risk mitigation.

CONTACT

Address: ITrust, 55 avenue l’Occitane, 31670 Labège Cedex, France
Email: [email protected]
Tel.: +33 (0)567.346.780
Site: http://www.itrust.fr/en

DETAILED FEATURES

1. Red Team

§ Vulnerability analysis,
§ Intrusive audit,
§ Code audit,
§ Configuration audit,
§ Darknet analysis,
§ Malware and attack analysis,
§ Reverse Engineering.

2. Blue Team

§ Securing assets,
§ Investigation,
§ Incident analysis,
§ Incident response,
§ Perimeter protection,
§ Security awareness,
§ Security architecture,
§ PRA PCA.

3. R&D Team

§ Maintenance and updates,
§ Customized development.

4. Communication & Legal

In relation with institutional, state and legal actors, ANSSI…

Client references:

– Paris – San Francisco – New York – Frankfurt –