Frequently Asked Questions

NCSOC FAQs
Which organizations are monitored by NCSOC?

NCSOC provides real-time cybersecurity monitoring and incident response for government entities, national infrastructure, and other critical organizations across Sri Lanka.

NCSOC leverages SentinelOne EDR for endpoint protection, an ELK-based SIEM for centralized log analysis, File Integrity Monitoring (FIM) for website protection, and a Web Application Firewall (WAF) for web security.

Yes, NCSOC operates around the clock with dedicated analysts monitoring security events and alerts to ensure immediate detection, triage, and response to incidents.

Yes, our services are available through flexible subscription models designed for both short-term and long-term cybersecurity operations depending on the organization’s needs.

Deployment can begin within days once endpoint provisioning and required access configurations are completed by the client organization’s IT team.

Does NCSOC provide one-time assessments or audits?

Yes. NCSOC conducts one-time vulnerability assessments, audits, and digital forensics investigations for organizations that require point-in-time evaluations without continuous monitoring.

All NCSOC analysts and engineers hold globally recognized certifications such as CEH, CCNA, CompTIA Security+, and advanced vendor certifications from SentinelOne and Elastic.

NCSOC primarily supports government, defense, energy, finance, and healthcare sectors, ensuring resilient cybersecurity frameworks for critical national services.

Yes. NCSOC provides cybersecurity awareness sessions, technical workshops, and simulation-based training to enhance staff readiness against phishing, ransomware, and insider threats.

NCSOC follows ISO/IEC 27001 standards and implements strict access controls, encrypted communication, and segmented environments to ensure complete data protection for all monitored entities.