SERVICES

World Class Services from Top-Tier Institutions

The ResearchSOC provides an integrated package of technology and services to accomplish its mission, including:

OmniSOC, a shared cybersecurity operations center for higher education

Vulnerability Identification Services, provided by Three Rivers Optical Exchange

STINGAR, the Shared Threat Intelligence for Network Gatekeeping and Automated Response

Training and Education, provided by the ResearchSOC team and offered to research project teams and the higher education community.

A Community of Practice, including services from REN-ISAC such as inclusion in their forums, mailing list, daily security updates, peer assessment service, and others.

Download an overview brochure here.

OmniSOC: 24x7x365 Security Operations Center

With two decades of experience from the GlobalNOC behind it, OmniSOC is a security operations center that provides trusted and actionable intelligence to higher education institutions. OmniSOC is a new shared cybersecurity operations center for higher education. Founded by Northwestern University, Purdue University, Rutgers University, the University of Nebraska-Lincoln, and Indiana University, this pioneering initiative strives to help higher education institutions and research projects reduce the time from first awareness of a cybersecurity threat anywhere to mitigation everywhere for members. OmniSOC is based at Indiana University.

OmniSOC operates as part of Indiana University in conjunction with the formidable experience and capabilities of the Global Network Operations Center (GlobalNOC). It also makes use of threat intelligence insights from the Research and Education Networking Information Sharing and Analysis Center (REN-ISAC).

Learn more about OmniSOC here.

STINGAR: Sharing Threat Intelligence for Network Gatekeeping with Automated Response

STINGAR, or Shared Threat Intelligence for Network Gatekeeping with Automated Response, is a solution developed by Duke University to identify and defend against attacks targeting your network. STINGAR uses a decoy computer system for trapping and tracking hackers and automation to speed responses.

With flexibility in mind, STINGAR:

  • Makes use of network sensors (honeypots)
  • Identifies attackers
  • Blocks via existing network security appliances
  • Shares threat intelligence with trusted groups

Learn more about STINGAR here (PDF download)

Vulnerability Identification Services (VIS) from 3ROX

This service leverages the widely deployed open-source ‘OpenVAS’ framework to identify assets in need of protection. 3ROX is operated and managed by the Pittsburgh Supercomputing Center. Three Rivers Optical Exchange (3ROX) offers a vulnerability identification service that will probe the IP address range of a campus for active machines and services. Network Vulnerability Tests (NVTs) are run against active machines/services to detect misconfigurations and known defects. A report is generated that lists any issues found by severity and host, allowing IT personnel to prioritize remediation. Each issue includes a list of vendor and/or community recommended fixes or corrective actions. These scans are performed on a regular schedule and can be supplemented with on-demand scans. This flexibility provides regular assessments of exposed vulnerabilities and allows IT personnel to scan a new server or service for vulnerabilities shortly after it is made available.

View more information on the Vulnerability Identification Service here (PDF download).

 

Training and Education: Learn Best Practices

Learn best practices for dealing with the technical, program, and cultural challenges of providing cybersecurity for research projects with our training and education services. Provided by security professionals and research facilitators from the University of California San Diego, this training is invaluable for information security professionals regardless of project size.

Join our Community of Practice

The Research Security Operations Center (ResearchSOC) has partnered with Ask.CI, the Q & A and discussion platform for all things cyberinfrastructure (CI), to create a new community and learning platform for those working to secure cyberinfrastructure crucial to open science.

Ask.CI provides a centralized, searchable, archived mechanism to aggregate expert knowledge that is distributed throughout the open science cybersecurity community. ResearchSOC provides advanced cybersecurity monitoring and detection services to NSF open science organizations, and has a broader mission to support research into and development of better cybersecurity tools and methods for the open science community and beyond.

By bringing together CISOs, facilitators, cybersecurity researchers, research software engineers, cybersecurity analysts, security engineers, system administrators, and others, we aim to create a community that demystifies the practice of cybersecurity for open science.

Join our Community of Practice by creating an account via Ask.CI and find the group here.