Tech
Transformation

Cybersecurity Operations Center Modernization & Threat Response Support

Cybersecurity Operations Center – Tier 1 & Tier 2 SME Support

Client: Port of Los Angeles (POLA)
Role: Cybersecurity Engineering • SOC Operations • Threat Detection & Incident Response

Overview

E.K. Associates partnered with the Port of Los Angeles (POLA) to strengthen the resilience and effectiveness of its Cybersecurity Operations Center (SOC) by providing dedicated Tier 1 and Tier 2 cybersecurity subject-matter expertise. The engagement enhanced daily operational readiness, improved threat visibility, and supported POLA’s mission to safeguard critical port infrastructure and maritime operations.

Through advanced monitoring, threat analysis, and continuous operational support, E.K. Associates helped modernize SOC workflows, increase detection accuracy, and accelerate incident response, strengthening POLA’s overall security posture.

E.K. Advantage

Advanced Threat Monitoring & Security Event Interpretation

We monitored and interpreted security events across a diverse technology ecosystem, including firewalls, IDS/IPS, endpoint protection platforms, SIEM tools, proxies, servers, databases, email systems, and packet-level telemetry.

Detection & Analysis of Modern Attack Vectors

We analyzed a broad spectrum of cyber threats, including denial-of-service attacks, malware infection chains, spear-phishing campaigns, exploit kits, drive-by compromises, DNS manipulation, and zero-day indicators.

SIEM Modernization & High-Fidelity Alerting

We designed, correlated, and refined SIEM use cases across multiple severity levels, improving alert fidelity and reducing false positives within the SOC.

Malware Reverse Engineering & Threat Intelligence

We performed malware analysis and reverse engineering to uncover behaviors, attack paths, and indicators of compromise, informing threat intelligence and proactive defense strategies.

Network, Systems & Incident Management Support

We strengthened day-to-day SOC operations by supporting network and system administration activities, validating incident workflows, and ensuring escalations followed established monitoring procedures.

Clear Communication & Incident Documentation

We translated complex technical findings into clear, actionable updates for non-technical leadership, enabling informed decision-making during active security events.

Key Features & Work Performed

Tier 1 & Tier 2 Cybersecurity Operations Support
  • Provided 24/7 threat monitoring across critical port infrastructure
  • Performed event triage, analysis, and escalation
  • Created and tuned SIEM use cases and correlation rules
  • Analyzed logs across endpoints, networks, cloud, and application layers
  • Supported vulnerability assessment and remediation efforts

Advanced Threat & Malware Analysis
  • Conducted reverse engineering of suspicious executables
  • Performed behavioral analysis of malware payloads
  • Identified indicators of compromise (IOCs) supporting proactive detection

SOC Workflow & Operational Enhancement
  • Strengthened incident handling and response procedures
  • Standardized documentation and communication workflows
  • Enhanced monitoring playbooks and refined SOC SOPs

Impact Delivered

Delivered a more responsive, modernized SOC aligned with best-practice threat detection

Improved alert fidelity, faster incident triage, and enhanced situational awareness

Strengthened protection of critical port infrastructure, operations, and maritime systems

Enabled clear communication pathways for leadership decision-making during incidents

Reduced operational risk through proactive monitoring and advanced threat analysis
