Skip to main content

Security Operations Centre

Services for managing cyber security incidents

AARNet Cyber Security Operations Centre analysts working on computer code

Our SOC team can help you protect your campus networks, assets and people from cyber threats

The AARNet Security Operations Centre (SOC) is a purpose-built facility that provides the Australian research and education sector with a suite of capabilities for managing cyber security incidents. We provide 24/7 real-time monitoring and data analysis combined with incident co-ordination and remediation support services.

The AARNet SOC advantage

Real-time monitoring and data analysis

Our Security Incident and Event Management System (SIEM) proactively monitors your university’s traffic and captures and analyses millions of events 24/7.

Threat correlation

The AARNet SIEM uses machine learning and automation to identify and prioritise security incidents and to help with activities such as threat hunting and preventative security measures.

Common platform

The AARNet SIEM provides the sector with a common platform, enabling playbooks, scripts, actions and other threat intelligence to be shared for the benefit of all participating universities.

Incident co-ordination

Incidents are investigated, triaged, and escalated to you for threat mitigation. We work with you to develop mitigation strategies and ensure threats are remediated quickly and effectively.

More features and benefits

Fit for purpose

AARNet worked in partnership with several universities to design a centralised SOC that meets the unique needs of the research and education sector.

Security expertise

Our SOC is staffed by a highly-skilled team of security analysts and engineers trained to counter cyber threats in the university environment.

Customised portal

View your threat data and collaborate with our SOC team to fine tune your security via a customised workspace in the AARNet SIEM platform.

On-boarding support

Our dedicated SOC support team understands research and education sector environments and provides all the on-boarding support you need.

Threat intelligence

Our SOC integrates with various threat intelligence sources globally across the sector, security community and government to share and receive timely and relevant IOCs (Indicators of Compromise).

Secure infrastructure

The AARNet SIEM infrastructure is securely hosted across dual-redundant certified Australian-based data centres for improved resilience.

Predictable pricing

Talk to a cyber security expert

To find out more about how AARNet’s Security Operations Centre services can help you manage your cyber security risks, please contact us.