Cyber Security Operation Platform

Why our platform is unique and most efficient !

Our Cyber Security Operation Platform consists of an open and standalone security automation platform (SocView) that enables us to meet unique requirements of specific business environment(s), and security operational needs.

Our security analysts use Security Information and Event Management (SIEM) to manage and correlate security events from detection tools with other data and logs. While SIEM helps us to correlate security logs and events, they don’t do much in the way of reducing alerts or investigatory tasks or workflow management after an alert comes in. To mitigate such critical gaps, we use SocView as a security orchestration and automation platform to complement customer's SIEM architecture so that we can focus on critical alerts and proactively protect our customers.

SocView Platform allows us to provide a security service that's not restricted by number of security incidents (e.g. 100 major security incidents a year), it's truly unlimited.


Sounds interesting, or have a specific requirement on improving security operational efficiency? 

SocView is an open and standalone security automation platform that we can rapidly configure to meet your unique and specific business environment, and security operational needs. 

Security Operation Centre without Our Platform

Key Challenges

  • Multiple security monitoring dashboards if tools are not fully integrated with SIEM Platform. Even if you integrate, SIEM's Events Per Seconds (EPS) or Data Size will grow exponentially incurring additional cost to your security budget.

  • Multiple workflows across teams, and some of them are unique to your organisation that Commercial Off the Shelf (COTS) products are unable to automate fully.

  • Too many security alerts. Some of them are duplicate or false positives and/or informational only. Security team are unable to focus on critical alerts

  • SIEM's log retention period being 90 days (in most cases), security analysts are unable to get historical (>90 days) cyber attack information. It's extremely difficult to search historical attack information in ITSM tool

Security Operation Centre with Our Platform

  • There is no longer too many security alerts incl. duplicate alerts. Security team is able to focus on critical alerts, and investigate security incidents efficiently. 

  • Security function is highly productive and most effective.

  • Every manual workflow including remediation tasks are fully automated bi-directionally enhancing your SOC efficiency at least 40-60%.

  • Our platform's cost is not based on Events Per Seconds (EPS) or Data Size, hence you can keep your SOC alerts or ticketing data for years (We recommend 2 years).

  • Historical cyber attacks contextual information and SOC case worker's investigation information are easily accessible by SOC Team

Key Benefits

Key Benefits

End-to-End Integration Architecture with Our Platform

Our Cyber Security Platform Offering

Our Cyber Security Platform is powered by SocView Automation Platform. Whether you are looking for tool, services and/or combination of both; we can provide you everything to meet your need.

We offer flexible architectural options and operating models that you can choose from:

Option 1: Multi-Tenant SocView Automation Platform with AlienVault Anywhere SIEM ( Recommended by iCyberDefence)

  • Multi-Tenant SocView Security automation platform hosted in our data centre to provide a truly efficient (>40-60%) security operation. We offer 2 years (default) data retention.

  • Multi-Tenant Software-as-a-Service (SaaS) AlienVault USM Anywhere Platform hosted in AlienVault’s USA or EMEA data centre as per your choice. We offer 30 days (default) log retention.

  • We provide you 24x7 SOC service from our ISO27001 accredited data centre.

  • Quick to set up, very low capital investment and annual-subscription based cost model.

  • Most suitable for the organisations who have cloud-first IT strategy, and/or have a small internal security team to manage security function.

Option 2: SocView Automation Platform with your existing SIEM and ITSM solution

  • SocView security automation platform hosted in your chosen data centre or cloud platform to meet your existing IT strategy. It will sill provide an enhanced (>40%) security operation. We recommend 2 years data retention for SocView.

  • Complete integration, orchestration and automation of SocView Platform with your chosen SIEM tool, ITSM tool and other (if any) log/event sources (e.g. email alerts, threat intelligence, call centre, vulnerability scanning, patch management). 

  • Free training on the tool if you want to manage the platform yourself. If we provide you SOC services, we will take care of all the hassles.

  • Most suitable for the organisations who already has a SOC provider, and purchased a SIEM Platform, ITSM tools and need help in security automation.

Looking for more flexibility, and further customisable option?  


How Our Platform Works?

Tel : +44 (0) 020 8242 4756

iCyberDefence Limited

20 Eastbourne Terrace,


London W2 6LG, UK

©2018 by iCyberDefence, a brand registered under  iCyberDefence Limited, registered in England and Wales, 10980510

Registered Office: 27 Old Gloucester Street, London, WC1N 3AX