VIRTUAL SOC

Lumen 24/7 virtual security operations center support

Get quick response and resolutions with Lumen® Virtual SOC: SIEM event monitoring and incident handling by top security experts.

Free up internal staff with a trusted partner

Lumen® Virtual SOC (Security Operations Center) provides 24/7 SIEM monitoring, incident handling and expert remediation recommendations. Our security experts augment your detection and response security strategy and close out false positives so you can focus on true events.

Why Lumen?

Cost‑effective SOC support services

Minimize labor and CapEx expenses with expert 24/7 managed SOC for SIEM monitoring and the option to leverage your existing SIEM investments.

Top security expertise

Our experts have unique access to threat intelligence through Black Lotus Labs® and its experience protecting the Lumen Network.

Features and Specs

Get the tailored support your business needs with tiered Virtual SOC packages.*

Features by package (Virtual SOC Essentials, Virtual SOC Plus, Virtual SOC Premium):

  • 24/7 SIEM monitoring and notification: Essentials, Plus, Premium
  • Use case development and tuning: Essentials, Plus, Premium
  • Runbook development and maintenance: Essentials, Plus, Premium
  • Deep dive analytics: Plus, Premium
  • Incident handling: Plus, Premium
  • Use case advanced tuning: Plus, Premium
  • Threat hunting: Premium

*Requires customer to provide SIEM or purchase a Lumen Managed SIEM Service.

Support and service options

Professional Security Services

Reduce threat management overload, minimize attack surfaces and enhance defense alertness with our certified consultants and engineers.

FAQs

Cyberattacks are multiplying year after year, and no enterprise is immune. Building and maintaining a Security Operations Center is expensive, not to mention the effort needed to find, train and retain the right security talent to monitor the tools and trigger threat responses.

Lumen® Virtual SOC provides 24/7 SIEM monitoring and incident handling to detect and analyze cybersecurity threats and incidents. Lumen SOC security experts quickly identify and triage events, fine-tune use cases, apply the extensive experience gained protecting the network, and draw on threat intelligence from Black Lotus Labs® for outstanding incident handling.

Today’s organizations need 24/7 SIEM monitoring to detect suspicious incidents and intruders in their network; however, the required resources and effort to perform this in-house are cost prohibitive for most organizations. With Lumen Virtual SOC, our security expert team augments your threat and response strategy and provides 24/7 SIEM monitoring to help you improve your security posture and align with regulatory compliance requirements without the financial burden of insourced SOC units.

Lumen provides 24/7 SIEM monitoring and incident handling leveraging your SIEM platform. The service features include:

  • Supported standard SIEM platforms: IBM QRadar, Splunk, Sentinel, LogRhythm, and FortiSIEM.
  • 24/7 SIEM monitoring and notification: confirm the validity of SIEM alerts, perform prescriptive analysis and provide notification according to the run book.
  • Use case development and tuning: Lumen has a default set of templated use cases that adhere to the MITRE ATT&CK® framework. These use cases are customized for your environment and applied within your SIEM platform.
  • Run book development and maintenance: including the notification process and procedures for handling alerts and incidents.
  • Deep-dive analytics: analysis of trends, threats, incident mining and lessons learned, resulting in additional information about the incident (such as causes and impacts) and expanded remediation recommendations (such as addressing impacted systems) to be included in the ticket (available in Plus and Premium packages).
  • Incident handling: identify the cause of incidents by analyzing logs, validate priority and recommend remediation actions (available in Plus and Premium packages).
  • Use case advanced tuning (available in Plus and Premium packages).
  • Threat hunting: a proactive function conducted by a Lumen security analyst, who reviews logs and configurations outside of your SIEM and outside of established use cases, taking current trends into account, with the goal of discovering anomalies related to current events (available in Premium package).

 

Virtual SOC is offered in three package options, with pricing based on the maximum number of monthly incidents and the package selected by the customer. Standard features vary based on the package selected.

Lumen Virtual SOC is available in three packages:

  • Essentials: Includes 24/7 SIEM monitoring and notification, use case development and tuning, and run book development and maintenance.
  • Plus: Includes features in Essentials package plus deep-dive analytics service, incident handling and use case advanced tuning.
  • Premium: Includes features in Plus package plus threat hunting.

During the transition phase, Lumen security experts will work with you to collect the information required to develop the run book and identify critical use cases. Our security team will log in daily to your SIEM platform and monitor security events. Once an incident is identified, the SOC analyst classifies, triages and analyzes the event to determine whether it is a false positive. True events are prioritized and customers are notified. Our SOC experts analyze logs to isolate incidents and provide deep-dive analytics (trend analysis, threats, ticket mining, and lessons learned) and remediation recommendations that will enhance your response. Lumen can also offer proactive threat hunting (exclusive to the Premium package), where the expert reviews your system based on current trends, outside of established use cases, to discover anomalies related to current events.

Questions? Let’s talk.

Contact our team to get the assistance and answers you’re looking for.

Call Sales
800‑871‑9244
