Information security solutions

SIEM solutions

ETC has strong capabilities in deploying SIEM (Security Information and Event Management) systems for large organizations. With practical experience at Vietcombank, VietinBank, and EVN, ETC has successfully deployed a large-scale SIEM system that meets the requirements of 24/7 information security monitoring, supports SOC operations, and complies with legal regulations on information security.

MAIN FEATURES OF SIEM SYSTEM

  • Centralized log collection and analysis

    The system automatically collects logs from many sources (firewalls, servers, applications, users...) and analyzes them to detect anomalies

  • Early detection of attacks and malicious behavior

    Applies AI/ML to user behavior analysis (UEBA), identifies attack behavior by pattern, and supports APT detection

  • Integration with other security solutions

    It can connect to IDS/IPS systems, firewalls, endpoints, WAFs, etc., to aggregate data and enhance multi-dimensional detection capabilities

  • Build a dashboard for real-time monitoring and reporting

    Intuitive administration interface, flexible alert configuration based on organizational policies

  • Assisting in incident investigation and tracing

    Long-term log storage allows for tracing the relationships between events, which is crucial for forensic analysis and auditing

SOC solution

ETC is a pioneer in designing, building, and operating Security Operations Centers (SOCs) for large organizations, notably the comprehensive SOC project for Vietnam Electricity Group (EVN). ETC's SOC solutions enable organizations to continuously monitor, respond quickly, and proactively protect their systems from increasingly sophisticated cyber threats

With experience deploying SOCs for national-scale organizations and key industries like EVN, ETC is committed to providing a synchronized, standardized, and flexible SOC solution that helps organizations proactively control system security, minimize risks, and enhance their cybersecurity defense capabilities

MAIN COMPONENTS AND FUNCTIONS OF SOC

  • 24/7 real-time security monitoring

    With experience in deploying SOCs for national-scale organizations and key industries such as EVN, ETC is committed to providing synchronized, standardized, and flexible SOC solutions, helping organizations proactively control system security, minimize risks, and enhance cybersecurity defense capabilities

  • Fully integrated core technologies

    This includes SIEM, SOAR (Incident Response Automation), UEBA, Threat Intelligence, and advanced alerting systems

  • Operations follow international standard procedures

    Adherence to models such as NIST SP 800-61 and MITRE ATT&CK ensures effective detection, analysis, and response capabilities

  • Incident warning, coordination, and response

    Establish a tiered alert workflow, assign tasks to each team for processing, and record response times and processing results

  • Reporting, auditing, and compliance

    Assisting in the preparation of periodic reports for information security audits and compliance with state standards and regulations

Other security solutions

ETC provides a comprehensive platform security solution suite, serving as a robust defense layer for IT systems and as a foundation for building and operating Security Operations Centers (SOCs). These solutions have been implemented by ETC at major organizations such as Vietcombank, VietinBank, EVN, the Customs Department, the Tax Department, etc., meeting information security requirements at levels 1–5

Network and application security solutions group

Next-generation firewall (NGFW)

Control network access by application, user, and content. Supports network segmentation and Zero Trust security policies

Database Firewall

Monitor database management system queries; alert on and block unauthorized or unusual activity

Secure Load Balancer

Efficiently distributes traffic while handling SSL offloading and Layer 7 security inspection

Intrusion Prevention System (IPS)

Detect and prevent cyberattacks based on signatures, behaviors, and anomalies

Protection against Denial of Service (DDoS) attacks

Protect the system from denial-of-service attacks, both at the network layer (L3/L4) and the application layer (L7)

Data protection and access control solutions group

Privileged Access Management (PAM)

Control and log all administrator account sessions, limiting access rights and time. Reduce the risk of internal leaks

Data Loss Prevention (DLP)

Detect and prevent the external dissemination of sensitive information (via email, USB, cloud, social media, etc.). Implement content control policies based on keywords, formats, and behavior

Endpoint Management (Endpoint Protection & EDR)

Early detection and handling of malware, ransomware, and unusual behavior on workstations and servers

Data encryption solution

Protect sensitive data at rest and in transit using encryption technologies and standards such as FIPS 140-2, AES-256, etc.

Meeting information security standards by level

Fully comply with Circular No. 12/2022/TT-BTTTT and Decree 85/2016/ND-CP

The solution is designed on a three-layer protection model (core zone, DMZ, and outer zone), with full monitoring and logging

Support for assessment and level profile creation

Providing solution consulting, system testing and measurement, preparing technical documentation, and coordinating with relevant agencies for evaluation and assessment.