FAQ - Frequently Asked Questions

Cybersecurity is the industry term for IT security solutions and is used to protect all devices that can be connected to the Internet. Authoritative network devices and teams are used for security. NGFW, IDS/IPS, SIEM, EDR/XDR are some of these security solutions. The team, on the other hand, handles their use and consists of at least one SOC and one NOC team. SOC stands for Security Operations Center and translates to security operations center. NOC refers to the administrator environment. Among others, cybersecurity analysts, incident responders or pentesters work in the SOC to ensure that network administrators implement requested measures. Here we prepare you professionally to become a cybersecurity analyst.

A cybersecurity analyst is tasked with monitoring incoming and outgoing network logs, identifying potential threats, and initiating security measures. He works in a SOC with various security tools that control the network and end devices.

In job postings, this position does not yet have a standardized designation and can appear in the following variations, among others: SOC Analyst, Security Analyst, Information Security Analyst, IT Security Analyst, Information Security Officer, IT Security Expert.

A cybersecurity analyst must be fundamentally IT literate to understand network interrelationships. Keep your head up! We will teach you important components of the network so that you can understand the security required for it. The course requires active participation and dedication with self-motivation, discipline and the time to put in. Then you've come to the right place!

That's what this course is all about! We offer you a real SOC environment with high-quality, state-of-the-art security tools. Our instructors lead you through individual cybersecurity tools. Participation does not require in-depth knowledge of IT or cybersecurity. Participants with IT skills can sit back and relax during the first few modules. However, from the Security+ module onwards, it requires maximum concentration and active participation.

In 2022 alone, over 100 of our graduates were successfully hired. The chances of starting a career are very high. However, how quickly one is hired depends on various factors. The following questions, which you should have asked yourself beforehand, should provide some insight:

• How familiar am I with cybersecurity topics, including tools?
• What are my personal and professional strengths?
• What are the requirements in each job posting?

The course takes place exclusively online and the modules are taught live. 

Accredited course participants are obliged to attend. In case of excused absence, missed lessons can be made up independently thanks to records.

CS VISOR offers PPaaS to businesses as a service that helps organizations protect themselves from phishing attacks. Phishing is a form of cyber attack in which attackers create fake emails or websites to mislead recipients into revealing sensitive information such as usernames, passwords or credit card details. This information can then be used by attackers to cause harm.

This provides companies with a comprehensive solution to protect themselves against phishing attacks. This consists of various components depending on the specific requirements. Examples of these are:  

• Monitoring emails for suspicious activity
• Identification and blocking of phishing websites
• Train employees to be aware of phishing attacks,
• Scan email domains and content for suspicious activity.

In your organization, Phishing Protection as a Service from CS VISOR will help you improve your security infrastructure and take proactive measures to protect against phishing attacks. This can help reduce the risk of data breaches, financial losses and other damages that can be caused by phishing attacks.

CTI stands for Cyber Threat Intelligence and CTIaaS refers to the associated service with the corresponding tools. CTI includes information about cybersecurity threats and vulnerabilities from sources including:

• Safety analyses
• Threat Reports
• Forensic Reports
• Publicly available information.

Integrating CTI into enterprise security infrastructure can help proactively detect, prevent and respond to threats.

With CTIaaS, CS VISOR offers enterprises a service that performs CTI in real time without the cost and complexity of managing their own CTI systems and resources. Instead, enterprises can use CTI as a service from CS VISOR and gain access to comprehensive information about current threats and vulnerabilities. This enables companies to take proactive measures to prevent cyberattacks and improve their security infrastructure.  

To the extent that you purchase CS VISOR's Managed Security Service and a security incident occurs, CS VISOR will create and implement an Incident Response Plan (IRP) in accordance with the SANS framework to respond quickly and effectively to the incident. Here are some steps CS VISOR will take as part of an IRP:

• Incident detection:
  CS VISOR continuously monitors your network's security events and detects potential security incidents.
• Incident Assessment:
  CS VISOR evaluates the incident and determines its severity and urgency.
• Incident Response:
  CS VISOR takes immediate action to stop the incident and minimize the impact on the network.
• Incident Analysis:
  CS VISOR performs a detailed analysis of the incident to determine the root cause and recommend further steps to improve the security of the customer's network.
• Incident remediation:
  CS VISOR assists the customer in remediating the incident and ensures that the network is back up and running free of malware.
• Incident reporting:
  CS VISOR creates a comprehensive report on the incident. In the process, you receive the analysis results and recommendations for improving your network security.

When creating and implementing an IRP according to the SANS framework, CS VISOR takes into account various factors such as the type of incident, the affected systems and data, the severity of the incident and the impact on the customer. The goal is to respond quickly and effectively to the incident and minimize the damage to the company.

CS VISOR offers security audits that focus on the ISO 27001 standard for information security management systems (ISMS). Here are some steps typically performed by CS VISOR during an ISO 27001 security audit:

• Planning and preparation:
  CS VISOR plans the audit and ensures that all necessary documents and information are available for the audit.

• Document review:
  CS VISOR reviews ISMS documents, such as the security policy, procedures, and protocols, to ensure that they meet the requirements of ISO 27001.

• On-site Audit:
  CS VISOR conducts an on-site audit to review the physical environment, processes, and systems to ensure they meet the requirements of ISO 27001.

• Vulnerability identification:
  CS VISOR identifies potential vulnerabilities in the ISMS by performing various methods such as interviews with employees and technical audits.

• Vulnerability assessment:
  CS VISOR evaluates the identified vulnerabilities according to their risk to ensure that they can be prioritized accordingly.

• Reporting:
  CS VISOR compiles a report of the audit findings, including a list of vulnerabilities that need to be addressed to achieve ISO 27001 compliance.

During an ISO 27001 security audit, CS VISOR takes into account various points that need to be covered within the ISO 27001 standard, such as:

• Information security management requirements
• Risk assessment and risk treatment
• Asset protection
• Access control
• Operational safety
• Security incidents and vulnerability management
• Monitor and evaluate ISMS performance.

By having an ISO 27001 security audit performed by CS VISOR, organizations can ensure that their ISMS meets the requirements of the standard and that the necessary safeguards are implemented to keep their information secure.