
SOC DAILY REPORT AS OF 9th DECEMBER 2021

McAfee EPO Monitoring Status

Total devices installed: 2,030 devices (including endpoints and servers)

Alert Summary: There is NO alert for the past 24 hours.

Action Taken: N/A

Status: N/A

FireEye HX Monitoring Status

Total devices installed: 1,743 (including endpoints and servers)


Alert Summary: There is NO alert detected for the past 24 hours.
Action Taken: N/A
Status: N/A

FireEye NX Monitoring Status

FireEye NX Production

Alert Page

Alert Summary: There is 1 alert for the past 24 hours.


Action Taken: Failed Attempt
Status: Closed

Riskware Page

Alert Summary: There is NO alert for the past 24 hours.


Action Taken: N/A
Status: N/A

FireEye NX CM KVDC

Alert Page

Alert Summary: There are 3 alerts detected for the past 24 hours.
Action Taken: Alerts blocked by FireEye CM.
Status: Closed

Riskware Page

Alert Summary: There is NO alert for the past 24 hours.


Action Taken: N/A
Status: N/A

FireEye NX DR

Alert Page

Alert Summary: There are no alerts detected for the past 24 hours.


Action Taken: N/A
Status: Closed

Riskware Page

Alert Summary: There is NO alert for the past 24 hours.


Action Taken: N/A
Status: N/A

McAfee NSM IPS Monitoring Status

McAfee IPS has detected several inbound connections towards the network for the past 24 hours.

Action: All attacks have been blocked by signature-based detection. SOC has escalated the related events to
the respective parties and blocked the attacker IP address in the McAfee IPS policy for immediate mitigation.

Symantec Mail Gateway 1 Status

SMG_01 has detected the highest threats with 12,327 counts of Bad reputation (70.6%), followed by
Disarmed Messages with 2,020 counts (11.6%), Spam and unwanted mail with 2,202 counts (12.6%),
Content Violations with 580 counts (3.3%) and Malware with 332 counts (1.9%).

Action: All threats have been deleted by default policy. Most spam senders' domains are blacklisted
and blocked at the mail gateway.
