Security Hub
Cyber Security · Compliance · Governance - SOC · XDR · ICC · GRC · Vulnerabilities · SecOps
Knowledge Base
CMDB / Assets
Advanced SecOps capabilities
NEW
NEW
SecOps Executive Dashboard
· Cross-domain CISO view
Executive CISO view with drill-down to the 4 Directors: Security Posture · Compliance Posture · Risk Exposure · Top IR · Vuln Top Risk · MITRE coverage · Framework score · Threat Intel · Emerging risks.
CISO view
Drill-down
Cross-domain
Aggregated
RUNTIME
SecOps Runtime
· Risk Scoring · Approvals · Rollback
SecOps runtime configuration: scoring algorithm tuning · approval queue for critical SOAR actions · one-click rollback of executed actions.
Risk score
Approvals
Rollback
AGENTIC
Secure Agentic IA Console
· SOC · XDR · ICC L1
Monitoring of L1 AI operators per Security domain. Centralized console: active agents, tickets handled/resolved/escalated, activity log, performance, tokens & costs.
Autonomy %
FCR
24/7
Cost guard
VULN MGMT
Vulnerability Management
· CVE · EPSS · Risk
Vulnerability response: risk-based prioritization, CVSS+EPSS+asset criticality, remediation workflow.
CVSS
EPSS
Patch
SOC - Security Operations Center
CORE
SOC L1
· Phone-first Cockpit
L1 cockpit: real-time alert triage, live calls, first containment, escalation to L2/L3.
Calls
Alerts
Escalate
SOC L2/L3
· Investigation Workbench
Deep investigation: PIR · evidence locker · containment log · SOAR actions · threat landscape.
PIR
Evidence
SOAR
EXEC
SOC Service Director
· Executive cockpit
Director cockpit: cross-domain SOC/XDR/ICC/GRC/VR KPIs, MTTR trend, compliance posture, security budget.
KPI
Trend
Compliance
XDR - Extended Detection & Response
CORE
XDR L1
· Triage cockpit
Cross-domain L1 triage: first classification of XDR alerts, escalation to L2/L3.
Triage
Cross-domain
XDR L2/L3
· Hunt & investigation
Threat hunting cross-domain, root cause analysis, advanced playbook execution.
Hunt
RCA
Playbook
EXEC
XDR Director
· Cross-domain correlation
Multi-source correlation engine (EDR/NDR/SIEM/Email): unified incident view, threat scoring, cross-domain KPIs.
Correlation
Threat score
ICC - Identity Compliance Cockpit
CORE
ICC L1
· Identity Compliance Cockpit
Identity governance: access reviews, JML compliance, SoD checks.
Access
JML
SoD
ICC L2/L3
· Investigation
Identity escalation, complex access analysis, anomaly detection.
Escalation
Anomaly
EXEC
ICC Director
· Identity Compliance Executive
ICC director cockpit: L1/L2/L3 oversight · access reviews · JML compliance · SoD checks · identity anomaly trend.
Reviews
JML
SoD
GRC - Governance · Risk · Compliance
CORE
GRC
· Governance · Risk · Compliance
Policy lifecycle, audit findings, control framework (ISO/NIST/PCI), compliance scorecards.
ISO 27001
NIST
Audit
PCI
EXEC
GRC Director
· Governance · Risk Executive
GRC director cockpit: policy lifecycle · audit findings · framework (ISO/NIST/PCI) · compliance scorecards · risk register.
ISO 27001
NIST
Audit
Dashboard & Reporting
INSIGHT
DASHBOARD
Security Operations Dashboard
· Real-time KPI
SOC dashboard: alerts per source, MTTR, SLA performance, top MITRE tactics.
KPI
MITRE
SLA
REPORT
Security Report Center
· Compliance · Executive
Recurring reports: weekly/monthly SOC summary, executive briefing, audit-ready output.
PDF
CSV
Executive
Voicemail
· Inbox + AI risk score
Voicemails received from users / auditors / security reports. Audio player, AI risk scoring (Claude), callback integrated with the softphone.
Audio
Risk
Callback