Cybersecurity Operations Center Modernization & Threat Response Support
Client: Port of Los Angeles (POLA)
Project: Cybersecurity Operations Center – Tier 1 & Tier 2 SME Support
Role: Cybersecurity Engineering
• SOC Operations
• Threat Detection & Incident Response
Elevating Security Posture for One of America’s Busiest Ports
E.K Associates partnered with the Port of Los Angeles to strengthen the resilience of its Cybersecurity Operations Center (SOC) by providing dedicated Tier 1 and Tier 2 cybersecurity expertise.
Our cybersecurity engineers enhanced daily operational readiness, improved threat visibility, and supported the Port’s mission of safeguarding critical infrastructure and maritime operations.
Through advanced monitoring, threat analysis, and continuous operational support, we helped POLA modernize its SOC workflows, increase detection accuracy, and accelerate incident response.
The E.K Advantage
Advanced Threat Monitoring & Security Event Interpretation
Our analysts monitored and interpreted security events across a diverse ecosystem—firewalls, IDS/IPS, endpoint protection, SIEM, proxies, servers, databases, email systems, and packet-level data.
Detection & Analysis of Modern Attack Vectors
The team analyzed a broad spectrum of attack types, including denial-of-service attacks, malware infection chains, spear-phishing campaigns, exploit kits, drive-by compromises, DNS manipulation, and indicators of possible zero-day exploitation.
SIEM Modernization & High-Fidelity Alerting
We designed SIEM use cases, built the correlation logic behind them, and tiered and tuned them by severity, improving alert fidelity and reducing false positives across the SOC.
Malware Reverse Engineering & Threat Intelligence
Our cybersecurity engineers performed malware analysis and reverse engineering to uncover behaviors, attack paths, and indicators of compromise—informing threat intelligence and proactive defensive strategies.
Network, Systems & Incident Management Support
E.K strengthened day-to-day SOC operations by supporting network/system administration activities, validating incident workflows, and ensuring all escalations followed established monitoring procedures.
Clear Communication & Incident Documentation
We translated technical findings into clear, actionable updates for non-technical leadership—enabling informed decision-making during security events.
What We Delivered
Tier 1 & Tier 2 Cybersecurity Operations Support
24/7 threat monitoring across critical infrastructure
Event triage, analysis, and escalation
SIEM use-case creation, tuning, and correlation
Log analysis spanning endpoints, networks, cloud, and application layers
Vulnerability assessment support
Advanced Threat & Malware Analysis
Reverse engineering of suspicious executables
Behavioral analysis of malware payloads
Identification of indicators of compromise (IOCs)
SOC Workflow & Operational Enhancement
Strengthened incident handling procedures
Standardized documentation and communication workflows
Enhanced monitoring playbooks and SOP refinements
Impact Delivered
✔ A more responsive, modernized SOC aligned to best-practice threat detection
✔ Improved alert fidelity, faster incident triage, and enhanced situational awareness
✔ Strengthened protection for critical port infrastructure, operations, and maritime systems
✔ Clear communication pathways enabling leadership to make informed security decisions
✔ Reduced operational risk through proactive monitoring and advanced threat analysis