
Ask HN: Building a virtual SOC for non-profits, activists who wants to help? - secfirstmd
Hey everyone,

I just wanted to see if anyone knew of any UTM, EDR, Next Gen Antivirus companies that have non-profit programs or discounts? I know that Crowdstrike has a foundation (https://www.crowdstrike.org) that I am reaching out to (haven't got a response in the past 12 months unfortunately) and some vendors have very basic endpoint offerings (https://www.techsoup.org/security).

So a little about us. We are a small human rights organisation that specialises in working with high risk non-profit, NGO, activists, media etc all over the world. Ranging from small community groups in the US to large well-known international organisations and to lone individuals protecting rainforests. We work to protect a few dozen groups and hundreds of individuals every year all over the world.

As you are well aware, such organisations are often targets for very sophisticated spear-phishing, malware attacks, APTs from countries like China etc. Unfortunately most are woefully under-resourced and lack the ability to have basic monitoring systems (and most importantly, someone looking at them) in place. So often we can find the same basic attacks repeating themselves even when IOCs etc are available to block them.

We are currently experimenting with building a small virtual SOC across a number of at-risk activist, media, human rights and environmental organisations (from activists in Zimbabwe to rainforest defenders in Brazil) to help them pool their resources and manage security in a more effective way. So tools like CB, Falcon etc. Obviously it's highly expensive stuff so we want to do our best to make sure it is available to people doing good work on the ground in a lot of high risk places.

Also, if anyone is interested in maybe helping out with some advice (experiences/positive/negative) about using/setting these tools up, running or being part of a SOC, the people we are working with are pretty inspiring and your knowledge would go a long way to help protect them in troubled times!

Feel free to reach out to vsoc AT secfirst.org

Thanks!
======
blcArmadillo
Pardon my ignorance, what does SOC stand for? I can only think of "system on a
chip" but based on context I don't think that's what you're referring to.

~~~
chelmzy
Security Operations Center

------
schappim
Isn’t a virtual SOC just a VM with extra steps?

~~~
secfirstmd
Well I guess you can nail it down to that but in reality it's way more,
especially for who we work with.

It would be a whole series of steps including selecting and picking the
technology, testing and deploying it, working with low capacity groups to help
them train on areas from basic user security to advanced monitoring, working
with it within those orgs, more testing, then having the right people doing
daily response on alerts, action on things etc etc...

So yes at a basic level it is just VM chips but in reality it's much more than
that.

