How to Leverage Upstream Platform in a SOC

DAN SAHAR

VP of Products

[Transcript]

One of the key groups that use The Upstream platform within the customer environment, is a security team within the Vehicle Security Operations Center, or VSOC. What we have here in this diagram is a connected car platform powering multiple services at the same time. So what we have here are connected vehicles that ultimately connect to an automotive cloud via a mobile network. And within this automotive cloud, we have various hosted applications, such as telematics, such as mobile apps, such as LIDAR, and then they’re all powering various services that are offered by either this OEM or fleet. What we have here is a SOC, or a Security Operations Center, that’s powered by security analysts leveraging multiple tools, such as workflow solutions or SIEM solutions. So now let’s look at how the SOC team would leverage Upstream’s platform in order to create a single source of truth for their automotive cyber security.

The Upstream C4 platform is data-driven. So the first thing that we do is, we collect data from multiple sources, both from in-vehicle sources such as in-vehicle security, from the applications, and from the actual end services that are using this connected vehicle or platform. The C4 platform then uses our multiple cyber security engines to detect violations. The C4 platform then converts the violations into incidents and sends these incidents into the SIEM or workflow solutions that are being used within the SOC.

The SOC team would typically have a playbook of what they want to do in case of a certain incident type. For example, the SOC may want to dispatch the right personnel or security analysts to be able to perform triage and analyze the specific incident. An easy way to do that is to leverage the incident identifier that was received from the Upstream platform, and then the analyst can actually click on the link and go back to the Upstream platform and get a drill-down right away into the specific parameters of that incident. The analyst can then go right to work to the Upstream platform that’s already running within the SOC, and then they can perform triage using our contextually rich data within our dashboard. Upstream provides multiple tools for slicing and dicing the data in order to get to the root cause and actually understand what took place and whether this was a cyber security incident or something that may have been just a fault or a misconfiguration on the connected car service.

Many of our customers use a typical workflow as outlined here, and at the end of the day, Upstream’s C4 platform becomes the single source of truth for automotive cyber security in their connected car environment.

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

Economies of People – Democratizing After-Sales Quality with AI

The automotive industry is undergoing its fastest transformation in history, driven by software-defined vehicles, electrification, and rising customer expectations.

More Details

Sécuriser et renforcer l’avenir de la mobilité et de l’IoT

Upstream libère le potentiel des véhicules connectés, de l’IoT et des données de la mobilité intelligente. 
 Sa plateforme de gestion des données est spécialement…

More Details

Études de cas : Comment l’IA permet de détecter plus tôt les problèmes de qualité véhicule

La détection proactive de la qualité (PQD) d’Upstream en action, accélérant l’analyse des causes premières (RCA), l’évaluation de la gravité et la priorisation des problèmes…

More Details

Beyond the Cyber Resilience Act: Building
Cyber Resilience for the EV Charging Ecosystem

The CRA places broad obligations on manufacturers, including those who design, develop, or brand charge points, backend systems, and embedded communication software used throughout the…

More Details

Beyond the Cyber Resilience Act: Building Holistic Cyber Resilience

A decade ago, the value of connected vehicle data was associated with new revenue streams for OEMs. Fast forward to today, a more effective and…

More Details

Tech Talk: Securing the Commercial Fleet Ecosystem with IVECO’s CISO

The commercial vehicle industry is undergoing a seismic shift. The convergence of connectivity, electrification, and software-defined vehicles is unlocking unprecedented efficiency but also exposing f

More Details
Skip to content