OVERVIEW
CyConcerto is an innovative platform for National Security Operation Centers (NSOCs) that strengthens national cyber resilience by integrating multiple cybersecurity systems into a single focal point. It centralizes threat analysis, correlates incidents with threat intelligence, and generates alerts for the NSOC ecosystem.
HIGHLIGHTS
- Performs centralized threat analysis and management
- Builds a national cyber situational awareness picture
- Supports the management and allocation of NSOC’s resources to its tasks
Values & Benefits
CyConcerto consolidates threat intelligence from multiple sources, correlates internal and external data, and integrates risk analysis to provide a comprehensive situational awareness picture for national cybersecurity.
The platform supports the management and allocation of NSOC resources, ensuring tasks are prioritized and personnel are effectively deployed to address cyber events.
When major or cross-organizational incidents occur, CyConcerto acts as the national crisis management system, coordinating response efforts across agencies and sectors.
CyConcerto can operate in a networked mode, connecting government, sectorial, and organizational SOCs with the NSOC to enhance collaboration, information sharing, and national cyber resilience.
Technical Details
- Key Features
- Attack Surface Management – processes vulnerabilities and attack surface information received from scanning systems (e.g. CyScan) and correlates it with threat intelligence data to create comprehensive risk and threat mapping for each sector and the nation as a whole
- Monitoring and Detection – receives cyber incidents and available raw data from organizations and monitored national service providers (Telcos, ISPs, cloud service providers, etc.) and then correlates the collected data to identify nation or sector-wide attacks and generate appropriate alerts
- Threat Intelligence – receives intelligence from various sources and analyzes it with an emphasis on strategic intelligence, attackers’ TTPs (tactics, techniques, and procedures), attack progression scenarios, and attack groups’ intentions and capabilities. Manages the entire intelligence cycle from collection and processing through analysis, dissemination, planning and direction
- Incident Handling and Resource Allocation – allocates forensic resources (e.g. Maestro) for cyber incident investigation and correlates the results of all the investigations to facilitate an optimized outcome