
What Does a YonkTech SOC Do?

YonkTech security incident handling requires several key functions, which security operations teams commonly deliver using a tiered structure that accounts for the experience levels of their analysts:


  • Tier 1 – Triage: This is where security analysts typically spend most of their time. Tier 1 analysts are usually the least experienced, and their primary function is to monitor event logs for suspicious activity. When they feel something needs further investigation, they gather as much information as they can and escalate the incident to Tier 2.

  • Tier 2 – Investigation: Tier 2 analysts dig deeper into suspicious activity to determine the nature of a threat and the extent to which it has penetrated the infrastructure. These analysts then coordinate a response to remediate the issue. This is a higher-impact activity that generally requires more experienced analysts.

  • Tier 3 – Threat hunting: The most experienced analysts support complex incident response and spend any remaining time looking through forensic and telemetry data for threats that detection software may not have identified as suspicious. The average company spends the least time on threat hunting activities, because Tier 1 and Tier 2 consume so many analyst resources.





As enterprises grow, they need to build network infrastructure that connects branch offices in different geographic regions. IT networking teams must balance the organization’s need for simplicity, performance, reliability and security while considering costs and compliance. Because geographic distance can lower performance and increase cost, choosing how to connect remote sites can be challenging. Moreover, as enterprises continue to embrace digital transformation, the adoption of cloud-based applications introduces new ways to connect users to cloud and software-as-a-service (SaaS) resources. So, what is the best way for enterprises to connect multiple locations and users to business-critical resources while balancing performance, reliability and cost?