Specifications include, but are not limited to: Provide 24x7 Security Operations Center (SOC): The MSSP must be able to provide a 24x7 Security Operations Center (SOC) staffed by Security Analysts with the ability to continuously and proactively monitor the network to identify vulnerabilities in existing systems in order to prevent intrusions, including but not limited to malicious files/EXEs, malicious traffic, bad IP addresses/domains, and east/west traffic through Windows event log and sysmon monitoring. It is preferred that a named Security Analyst be assigned that will provide direct and timely security remediation if the need arises. Advanced machine learning and up-to-the-minute threat intelligence along with routine and non-routine task should also be utilized to help protect the network. The SOC should have the capability to prioritize remediation based on the potential business impact and should also provide information on common threats to my industry and/or geography
