SOC team training

Reduce incident response time and impact

Design and develop a security operations program

So you can better defend yourself against advanced threats.

We help your team plan and prepare for a wide range of cyber incidents with the support of globally experienced experts.

Why do it?

You gain experience

You have access to an experienced team of incident response consultants, ready to help you develop and improve your incident response capabilities.

Reduce risk

Prepare the team for a coordinated and well-practiced response to help reduce uncertainty during complex cyber incidents.

You optimize the response

Confirm your strengths and identify areas for improvement in your incident response processes.

You evaluate the preparation

Make sure you are prepared with a comprehensive review of existing response processes.

Develop and validate

Adapt your incident response processes to the cyber risk profile of your business.

What are we doing?

Using lessons learned from responding to a wide range of threats, Sectio Aurea consultants assess your organization's ability to manage specific threats and provide the guidance you need to make practical and meaningful improvements.

Whether you need to build a new incident response capability from scratch, improve your existing processes, or invest in specific technology, Sectio Aurea can help you improve your defensive posture against persistent and sophisticated real-world attacks.

We will assess the organization's cyber defense capability, which typically includes its security operations center (SOC) and incident response (IR) functions. After evaluation, you will receive a report with a detailed roadmap and prioritized recommendations for improvement.

We use a combination of activities, such as analyzing existing documentation, analyzing logging configurations, deep-dive workshops, tabletop exercises, and simulated testing of existing security measures, to rigorously review and validate your organization's cyber defense capabilities from the perspective of the six areas of incident response:

Governance

Foundation for effective cyber defense capability that supports the overall business mission.

Communications

Communication processes involving internal and external stakeholders before, during and after an incident.

Visibility

People, processes and technology that detect threats in the organization's infrastructure.

Intelligence

Attacker information used to understand and identify threat tools, tactics, and procedures (TTPs).

Response

How does the organization verify and classify incidents, assess their severity, and determine appropriate response actions?

Metrics

Measurement and development strategies needed to maintain and improve cyber defense capabilities over time.

How do we do that?

Documentation review

We review relevant cyber defense documentation such as incident response plans, manuals, runbooks, communication plans and crisis management plans.

Onsite workshops

Workshops cover each of the core incident response competencies, as well as a test of how the SOC operates with the incident response team.

Logging configuration review

A review of critical log samples to validate existing solution configurations.

Tabletop exercises

Exercises based on discussions with technical and executive stakeholders so we can evaluate the incident response process.

Simulated testing of existing measures

Attacks are simulated on your network in a safe and controlled way, after which we evaluate the effectiveness of existing measures.

Reporting and debriefing

A report detailing prioritized tactical and strategic recommendations, as well as an actionable roadmap, so you can improve your organization's cyber defense capability.

What do you get?

An assessment of current cyber defense capability

Detailed recommendations for improvement

An actionable roadmap

Madalin Bratu, founder of Sectio Aurea, has 20 years of professional experience in IT. His experience covers a wide range of fields, from cybersecurity and IT service management to process management, hardware and software maintenance, and advanced consulting in secure information governance.

Madalin Bratu spent a decade working at IBM, where he contributed to some of the most sophisticated service projects in Central and Eastern Europe. He played a key role as Global Portfolio Manager for Cybersecurity Services at Atos - Eviden, one of the leading multinationals in the field of cybersecurity, managing global cybersecurity projects in areas such as identity management and cloud security. His experience also includes valuable contributions to local companies, such as Safetech Innovations, one of the most dynamic cybersecurity firms in Romania.

Through Sectio Aurea, he offers unique, flexible, and relevant services. The company's business model, refined over nearly 5 years, is based on an innovative concept - that of microservices. Madalin is accompanied by a carefully selected team of experts and authoritative voices in the field of cybersecurity (CISO, DPO, CIO, architects), with whom he has built a healthy professional relationship through successful projects. This relationship has led to the optimization of an innovative delivery method (microservices in audit and consulting). These experts are actively involved in solving the challenges you face, ensuring customized and high-quality solutions.

 

Madalin has served many clients as a consultant in the implementation of the NIS Directive across various sectors (water companies, banking, utilities), and has also participated as a certified NIS auditor in various audit missions in complex or difficult-to-analyze environments. Most of his clients recommend him, from general directors to IT managers, security managers, and technical managers.
