Security Operations Center as a Service (SOCaaS) 

DOJ's Security Operations Center as a Service (SOCaaS) delivers 24x7x365 threat monitoring, detection and incident response, threat intelligence, and cybersecurity investigations to customers via the Justice Security Operations Center (JSOC). The JSOC leverages a combination of technologies, analytics, and specialized skills to enable rapid detection, analysis, and investigation of incidents. Agencies benefit from DOJ's end-to-end SOC capabilities that adhere to the DHS Cybersecurity and Infrastructure Security Agency (CISA) guidelines for SOC shared service providers. Our client-centric service is tailored for the agency and includes personalized onboarding and ongoing support. Capabilities include:

• Cyber threat intelligence
• Network and system monitoring
• Incident response
• Cyber hunt
• Logging-as-a-Service
• Endpoint Detection and Response (EDR)
• Managed Security Information and Event Management (SIEM)
• Client portal for metrics and dashboards
• SOC resilience
• Forensics
• Onboarding and customer support.

Contact

This service is offered through our federal service partner, the U.S. Department of Justice (DoJ). For more detailed information about this service, please visit the U.S. Department of Justice IT Services page.

You can also download the DOJ's cybersecurity shared services catalog.

For inquiries about DOJ-offered services or if interested in purchasing services, please email: justiceitservices@usdoj.gov.