
SOC OPERATIONS

Security Operations Center

Live posture and incident command board · Wed, Apr 8 · 23:40

2 critical incidents require immediate attention

5 open incidents · 2,341 threats blocked today · MTTR 3.8h

Attention: integration quality checks pending

FortiGate latency and Nessus reconnect require owner action.

EXECUTIVE EXPOSURE

$2.8M

Estimated loss prevented this quarter · based on blocked threat classes and historical response costs.

BOARD RISK FLAGS

Regulatory gaps · 2 frameworks
Third-party risk · 4 vendors
SLA commitment · 91% met

ALERT TREND

Ingested alerts

BLOCKED TODAY

1,740

Peak blocking window: 14:00-16:00 UTC

INCIDENTS

Open · Closed

SERVICES IMPACTED

3/27

INCIDENT COMMAND BOARD

ID · Incident · Severity · Status · Action

INC-2024-001

15m ago

Ransomware Attack Detected

Malware · 23 assets · Sarah Chen

CRITICAL · INVESTIGATING

INC-2024-009

3d ago

Supply Chain Alert — npm Package

Supply Chain · 14 assets · Sarah Chen

CRITICAL · NEW

INC-2024-003

4h ago

Privilege Escalation — Domain Admin

Unauthorized Access · 2 assets · Sarah Chen

HIGH · INVESTIGATING

INC-2024-005

10h ago

Phishing Campaign — CFO Impersonation

Social Engineering · 8 assets · Emily Taylor

HIGH · INVESTIGATING

INC-2024-008

2d ago

Insider Threat — Bulk Download

Insider Threat · 1 asset · James Rodriguez

HIGH · INVESTIGATING

TEAM PERFORMANCE

Today
Analyst · Assigned · Resolved · MTTR

Sarah Chen

Lead Analyst

322.1h

James Rodriguez

Analyst II

243.4h

Emily Taylor

Analyst II

215.2h

Michael Kim

Analyst I

134.1h

Alex Petrov

Analyst I

123.8h

INTEGRATIONS

Splunk SIEM

SIEM · Primary sink

Connected

Events

45.2k/day

Health

100%

Active regions

eu-central · us-east

Active alerts

2 high · 8 medium
Last sync: 1m ago

CrowdStrike Falcon

EDR · Endpoint telemetry

Connected

Events

23.8k/day

Health

100%

Active regions

eu-central

Active alerts

1 critical · 3 high · 11 medium
Last sync: 2m ago

AWS CloudTrail

Cloud · Audit log stream

Connected

Events

156.7k/day

Health

100%

Active regions

us-east-1 · eu-west-1

Active alerts

2 critical · 7 high · 19 medium
Last sync: 40s ago

FortiGate

Network perimeter

Warning

Events

67.4k/day

Health

72%

Active regions

dc-1

Active alerts

6 high · 12 medium
Last sync: 18m ago

Tenable Nessus

Vulnerability scanner

Error

Events

Health

24%

Active regions

dc-1

Active alerts

3 critical
Last sync: 2h ago

RISK SCORECARD

Composite
Risk posture gauge, current score 73.73

Moderate risk

Weekly delta: -2 pts

Threat Exposure
61%
Patch Posture
84%
Identity Risk
71%
Network Exposure
68%
Data Protection
79%

COMPLIANCE STANDARDS

PCI DSS

Trend +2% · latest control check

94% · Compliant
94% controls implemented · 188/200

188

Implemented

7

In progress

5

Not started

Score 94%

SOC 2

Trend +1% · latest control check

97% · Compliant
97% controls implemented · 140/142

140

Implemented

2

In progress

0

Not started

Score 97%

ISO 27001

Trend -1% · latest control check

89% · Partial
89% controls implemented · 101/114

101

Implemented

10

In progress

3

Not started

Score 89%

GDPR

Trend 0% · latest control check

91% · Compliant
91% controls implemented · 88/96

88

Implemented

5

In progress

3

Not started

Score 91%

HIPAA

Trend -3% · latest control check

78% · At risk
78% controls implemented · 52/73

52

Implemented

12

In progress

9

Not started

Score 78%

GLOBAL THREAT ACTIVITY

Last 24 hours
RU
CN
US
BR
IR
DE

14 attack origins · 6 countries · 2,341 blocked