SecurityMatterz Security Operation Center (SOC) manages and hosts a wide range of cyber security services. In partnership with leading New Generation SOC solution vendors and system integrators, it offers clients in the Middle East market fully managed security services through MSSP contracts, giving them the best protection without investing in building their own SOC and 24X7 operations.

SecurityMatterz SOC is located in Riyadh, Saudi Arabia, with full redundancy, high availability and a team of specialized security analysts to provide you with 24X7 monitoring, incident response and remediation. The services offered are:

Log Management & SIEM


Service Description

The Security Information and Event Management (SIEM) and Log Management service collects, correlates, analyzes and stores security events from networks, hosts, and critical applications. A team of highly skilled, certified security experts working 24x7x365 from our integrated Advanced SOC uses all this information, correlating it with our database of intelligence feeds.

Ideal for

Organizations that are looking to have SOC capabilities through managed services. This includes organizations that want to comply with SAMA, PCI or Yesser regulations, or organizations that have very critical data and want 24X7 monitoring of all activities.

Managed Security Services (AV-IDS, AV-HIDS, Virtual FW, VWAF)


Service Description

Protect your key information assets across networks, hosts, applications, databases and web-based applications. Also protect data and email from information leakage, viruses, Trojans, spyware, and malicious code distributed via email or other communication services, by outsourcing the management of our technologies at your site.

Ideal for

Organizations that are looking to add the security layers below to their environment, and that lack resources and expertise and have a limited budget.

  • NG Firewall as a Service
  • Managed Intrusion Detection and Prevention as a service
  • Managed Web Application Firewall as a service
  • Honeypot Service
  • Firewall Analyzer
  • End Point Protection
  • Vulnerability Assessment
  • Policy Awareness & Enforcement

Next-generation firewalls combine the capabilities of traditional firewalls -- including packet filtering, network address translation (NAT), URL blocking and virtual private networks (VPNs) -- with Quality of Service (QoS) functionality and features not traditionally found in firewall products.

These include intrusion prevention, SSL and SSH inspection, deep-packet inspection and reputation-based malware detection as well as application awareness. The application-specific capabilities are meant to thwart the growing number of application attacks taking place on layers 4-7 of the OSI network stack.

Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like an intrusion detection system (IDS), an intrusion prevention system (IPS) monitors network traffic. However, because an exploit may be carried out very quickly after the attacker gains access, intrusion prevention systems also have the ability to take immediate action, based on a set of rules established by the network administrator.

For example, an IPS might drop a packet that it determines to be malicious and block all further traffic from that IP address or port. Legitimate traffic, meanwhile, should be forwarded to the recipient with no apparent disruption or delay of service.

A Web application firewall (WAF) is a firewall that monitors, filters or blocks the HTTP traffic to and from a Web application. A WAF protects a Web application by controlling its input and output and the access to and from the application. Running as an appliance, server plug-in or cloud-based service, a WAF inspects every HTML, HTTPS, SOAP and XML-RPC data packet.

Through customizable inspection, it is able to prevent attacks such as XSS, SQL injection, session hijacking and buffer overflows, which network firewalls and intrusion detection systems are often not capable of doing. A WAF is also able to detect and prevent new unknown attacks by watching for unfamiliar patterns in the traffic data.

Real-time detection of threats that have bypassed prevention security systems. Threat Matrix Deception and Response Platform changes the balance of power with sophisticated deception technology that deceives an attacker into revealing themselves. Detailed attack analysis and forensics accelerate incident response and provide protection against future cyber-attacks.

Firewall Analyzer allows you to effortlessly optimize your firewall policy and keep it clean and lean. Its actionable reports identify and help you remove the bloat and clutter from your policy, while the analyzer. The features of our solution are listed below:

Endpoint Protection provides fast, effective, and scalable protection from sophisticated malware and targeted attacks. It is ideal for servers, fixed-function assets such as point-of-sale, ATM, and pay-at-the-pump systems, and thin-client or virtualized endpoints. It allows you to quickly identify and lock down endpoints to proactively prevent unauthorized use of removable devices or ports, and stops unknown applications from being installed and executed, without having to rely on anti-virus definitions and vulnerability patches. The features of our solution are listed below:

We offer you best-in-class Vulnerability Management as a service. We provide accurate internal and external scans across your IT assets such as network devices, servers, web applications, databases and other assets in your environment. The combination of our Managed Security Services with our offered technology lowers resource needs by automating the assessment processes through a structured distributed deployment, thus reducing costs from IT operations.

Simplify, centralize and automate your compliance programs. The service allows the organization to easily create and distribute content to employees and third parties based on role, targeting the right content to the right people at the right time, and gives users a set period of time to review it and take an action that ensures they are aware of the company's policies.

Managed Security Devices


Service Description

Security Device Management provides organizations with full maintenance, updates, rule changes, tuning and 24/7 monitoring by security experts for security devices that are under a valid support contract. Clients can optimize their current technology investment, using leading security vendors.

Ideal for

Organizations that are looking to have all their internal security devices partially managed and maintained, and that lack the resources and expertise to manage them.


We offer management for the technologies below:

Compliance & Consulting Services


Service Description

We assist your organization in meeting governance and compliance requirements under specific regulatory requirements, so that it can be certified and accredited by a regulatory body.

Ideal for

All financial, government and enterprise organizations that are looking to have their own internal policies and procedures and different technical controls in line with business/strategic requirements based on internal standards.


We offer our clients a variety of consultancy services such as and limited to:

Service Bundles We Offer

Table columns: Service, Scope, Basic, Enhanced, Advanced, Add-ons

  • Managed SIEM (T1). Scope: IPS, IDS, FW, only notification
  • Managed SIEM (T2). Scope: IPS, IDS, FW, Server & service availability
  • Managed SIEM (T3). Scope: Enhanced + DB log
  • Managed Security Services (AV-IDS, AV-HIDS, Virtual FW, VWAF)
  • Managed Security Devices. Scope: Security Devices
  • Managed Honeypot. Scope: Endpoint
  • Managed FW Analyzer. Scope: ACL based devices
  • Managed End Point Protection. Scope: End-Point
  • Security Awareness / Policy Enforcement. Scope: Employees
  • Vulnerability Assessment as a Service. Scope: All. Bundle values: 2, 4
  • Post-Incident Response. Scope: Per Case. Bundle values: 1, 2
  • Compliance Consulting Services. Scope: ISO, PCI, VA, PenTest, etc.