Recently, I have heard about the ResearchSOC project, which offers some security services for science CI. Can this service secure our network and respond to attacks on our behalf?
It’s not quite that simple… ResearchSOC provides services that will detect issues, enabling your team to carry out the response. We also coordinate incident response when many different projects or entities are impacted.
Joining ResearchSOC can get you any or all of the following resources, depending on your project’s needs and resources:
- 24/7 network and systems monitoring by security professionals who can let you know about any anomalies so you can look into them in a timely manner.
- Vulnerability scanning services to alert you of systems which have not been updated to remediate known software vulnerabilities that would allow even an unskilled attacker to cause trouble with widely available attack scripts.
- Automated honeypot deployment. Honeypots are bait systems on your network that exist only to attract attacks and feed us monitoring data, so that we know when an intruder is in your network, and can attempt to profile their capabilities.
- Personalized training, support, and threat intelligence to help your internal security staff make the best possible use of ResearchSOC and all the other security resources available to them.
Feel free to reach out via firstname.lastname@example.org if you’d like to talk to someone on our staff to answer questions specific to your project.