Provide analysis and trending methods of security log data of heterogeneous security devices.
Provide incident response ("IR") support when analysis confirms actionable incident.
Provide threat and vulnerability analysis as well as security advisory services
Investigate, document, and report on information security issues and trends that are observed through security monitoring.
Integrate and share information with other analysts and other teams within SEI or performing Services under this SOW
Monitor implemented network and other security control activities and perform threat analysis on traffic. This may include, but is not limited to vulnerability/exploit detection, virus detection, identification of false positives
Create tickets for threats and vulnerabilities found during traffic analysis.