Commerce Enterprise Security Operations Center (ESOC)
Investment ID: 006-000050600
Overview
Program Title
Commerce Enterprise Security Operations Center (ESOC)
Agency
Description
ESOC provides a Department-wide cybersecurity intelligence that enables a near real-time enterprise-wide view of threats affecting the department with actionable information to mitigate those threats.
Type of Program
Standard IT Investments
Multi-Agency Category
Not Applicable
Investment Detail
The Enterprise Security Operations Center (ESOC) has been designated as the Principal SOC for Commerce and is responsible for coordinating communication with DHS, US-CERT, OMB, and other Federal agencies. ESOC has established a sophisticated cyber security infrastructure that provides enterprise security event correlation and analysis, threat intelligence ingests, web vulnerability detection, malware IDS/IPS alert integration, and an automated security system for enterprise incident management and reporting. In addition to these services, ESOC provides compliance for the NIST PM-16 control of implementing a cross-organization threat awareness program. ESOC satisfies this control by maintaining a Commerce Threat Intelligence Portal (CTIP) for collecting and distributing threat intelligence and cyber security information to the Commerce security user community.