Managing a Security Operations Centre at Scale
What is AsGARD?
AsGARD is the platform that provides oversight to MidGARD. It is the system that our SOC uses to manage, deploy and maintain MidGARD instances.
AsGARD provides our SOC the complete end to end workflow management to manage incidents at scale across thousands of MidGARD deployments. It provides the alert management, ChatOPS capabilities and collaboration tools needed to improve, manage, maintain and automate.
Complete management of rule bases within MidGARD including rule candidates submitted by clients.
By combining alerts across multiple clients, investigations can be performed at scale and large scale attacks detected easily.
A complete tool-set to enable a SOC to operate at scale and investigate quickly across thousands of clients.
Providing the tools to identify, integrate and rationalise intelligence feeds from around the world and integrate them into the MidGARD enrichment engine.
MidGARD is the recipient of the learning that is actually done in AsGARD. A SOC driven approach leveraging experts to drive the process.
A complete tool-set to manage and deploy MidGARD instances at scale through automation technologies.
A full suite of management tools to deliver secure standardised identity management across the whole MidGARD estate.
The ability to deploy MidGARD as single or multi tenant instances with cluster relationships to meet every possible use case deployment.