Defensive Security · SOC Support

We keep your SIEM healthy and your rules sharp.

L2 SIEM/SOAR engineering consultancy: detection rule management, log source and SIEM health, periodic threat reporting and continuous engineering support.

L2 SIEM engineering · Weekly / monthly report · Rule management · Log source health

SIEM Health Panel · Weekly summary (sample)

Log source health: 142/148
Active detection rules: 312
Alarms triggered this week: 1,248
Critical findings: 3

Log source status
  • Firewall / NGFW: flow normal
  • Active Directory: flow normal
  • EDR / XDR: flow normal
  • Web Proxy: latency detected
  • VPN Gateway: log flow stopped
// 01 — Our Approach

Engineering support, not on-call monitoring

We don't offer a classic 24/7 monitoring service. Instead we provide L2 engineering support that keeps your SIEM/SOAR environment genuinely working, your rules accurate and your reports meaningful.

What we don't offer
  • 24/7 on-call SOC monitoring
  • A Tier-1 team waiting on real-time alarms
  • "Respond in 15 minutes" on-call SLAs
What we offer
  • L2 SIEM/SOAR engineering consultancy
  • Detection rule creation, tuning and improvement
  • Log source & SIEM health management
  • Periodic (weekly/monthly) threat and health report
// 02 — Service Scope

Engineering power for your SIEM environment

L2 SIEM Engineering Consultancy

L2-level design and improvement of your SIEM/SOAR platform configuration, correlation logic and use-cases.

Detection Rule Management

Adding new rules, tuning existing ones, reducing false positives and mapping rules to MITRE ATT&CK techniques.
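
What "tuning a rule and mapping it to ATT&CK" looks like in practice, as an added example that is not the consultancy's own tooling or any particular SIEM's rule syntax: a small failed-logon burst rule written in Python and run over constructed Windows Security events (event IDs 4625 = failed logon, 4624 = successful logon). The untuned version fires on an authorised vulnerability scanner as well as on the real attacker; the tuned version carries a source allowlist that removes the false positive, flags whether the burst was followed by a successful logon, and records the MITRE ATT&CK technique (T1110.001, Password Guessing) the alert maps to. The IP addresses, user names and the `svc_scan` account are all assumed sample values.

```python
"""Failed-logon burst rule with false-positive tuning and ATT&CK mapping.

Added example, not a real SIEM rule. Event tuples are (timestamp, event_id,
source_ip, user) and are constructed below.
"""
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple

FAILED_LOGON = 4625    # Windows Security: an account failed to log on
SUCCESS_LOGON = 4624   # Windows Security: an account was successfully logged on

Event = Tuple[datetime, int, str, str]


@dataclass
class Rule:
    name: str
    technique: str                 # MITRE ATT&CK technique ID this rule maps to
    threshold: int                 # failed logons from one source within `window`
    window: timedelta
    allowlist: Set[str] = field(default_factory=set)  # tuning: sources to ignore


@dataclass(frozen=True)
class Alert:
    rule: str
    technique: str
    source_ip: str
    failures: int                  # failed logons in the densest window
    followed_by_success: bool      # a 4624 from the same source right after the burst


def _t(h: int, m: int, s: int = 0) -> datetime:
    return datetime(2024, 5, 6, h, m, s)


# Constructed sample events (assumed addresses and accounts).
EVENTS: List[Event] = [
    # external host guessing admin passwords, then getting in
    (_t(9, 0, 0), FAILED_LOGON, "203.0.113.5", "admin"),
    (_t(9, 0, 20), FAILED_LOGON, "203.0.113.5", "admin"),
    (_t(9, 0, 40), FAILED_LOGON, "203.0.113.5", "admin"),
    (_t(9, 1, 0), FAILED_LOGON, "203.0.113.5", "administrator"),
    (_t(9, 1, 20), FAILED_LOGON, "203.0.113.5", "administrator"),
    (_t(9, 1, 40), FAILED_LOGON, "203.0.113.5", "administrator"),
    (_t(9, 2, 0), SUCCESS_LOGON, "203.0.113.5", "administrator"),
    # a user who mistyped a password twice (below threshold)
    (_t(9, 30, 0), FAILED_LOGON, "10.0.0.20", "jdoe"),
    (_t(9, 31, 0), FAILED_LOGON, "10.0.0.20", "jdoe"),
    (_t(9, 31, 30), SUCCESS_LOGON, "10.0.0.20", "jdoe"),
] + [
    # authorised credentialed vulnerability scanner: a classic false positive
    (_t(9, 10) + timedelta(seconds=20 * i), FAILED_LOGON, "10.0.0.9", "svc_scan")
    for i in range(8)
]


def run_rule(rule: Rule, events: List[Event]) -> List[Alert]:
    """Evaluate the rule over all events; one alert per offending source."""
    failures: Dict[str, List[datetime]] = defaultdict(list)
    successes: Dict[str, List[datetime]] = defaultdict(list)
    for ts, event_id, src, _user in sorted(events):
        if src in rule.allowlist:          # tuning: drop known-benign sources early
            continue
        if event_id == FAILED_LOGON:
            failures[src].append(ts)
        elif event_id == SUCCESS_LOGON:
            successes[src].append(ts)

    alerts: List[Alert] = []
    for src, times in failures.items():
        # Sliding window: largest number of failures that fit inside rule.window.
        best, best_end, start = 0, times[0], 0
        for end, ts in enumerate(times):
            while ts - times[start] > rule.window:
                start += 1
            if end - start + 1 > best:
                best, best_end = end - start + 1, ts
        if best < rule.threshold:
            continue
        # Escalation signal: did a successful logon follow the burst?
        success = any(best_end <= s <= best_end + rule.window for s in successes[src])
        alerts.append(Alert(rule.name, rule.technique, src, best, success))
    return alerts


RULE_UNTUNED = Rule("Failed logon burst", "T1110.001", threshold=5,
                    window=timedelta(minutes=5))
RULE_TUNED = Rule("Failed logon burst", "T1110.001", threshold=5,
                  window=timedelta(minutes=5), allowlist={"10.0.0.9"})

if __name__ == "__main__":
    for label, rule in (("untuned", RULE_UNTUNED), ("tuned", RULE_TUNED)):
        print(label, [(a.source_ip, a.failures, a.followed_by_success) for a in run_rule(rule, EVENTS)])
```

The allowlist is the simplest tuning knob and also the one most often abused: every entry should be tied to a change ticket and reviewed in the periodic report, because a scanner address that later gets reassigned silently blinds the rule.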

SIEM Health Management

Performance, capacity and EPS (events per second) optimization; version/upgrade planning and oversight of the platform's continued health.

Log Source Health Monitoring

Detecting sources whose log flow has stopped, resolving missing/corrupt logs, parser and normalization issues.
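
The "flow normal / latency detected / log flow stopped" states in the sample panel above come down to comparing each source's last-seen event time against the cadence you expect from it. The check below is an added example in Python, not the consultancy's own health monitor or any SIEM's built-in feature; it assumes you can export a per-source "last event received" timestamp from the SIEM and that you know each source's normal inter-event gap. It goes one step beyond the panel's three states by also flagging a source whose timestamps run ahead of the SIEM clock (clock skew), which otherwise looks healthy while corrupting correlation. The source names, cadences and timestamps are constructed sample data.

```python
"""Log-source health check over 'last event seen' timestamps.

Added example, not production tooling. Thresholds and sample data are assumed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class SourceSpec:
    expected_interval: timedelta   # normal gap between events; lag above this is "latency"
    stop_after: timedelta          # lag above this means the feed is dead


@dataclass(frozen=True)
class SourceHealth:
    name: str
    status: str                    # flow normal | latency detected | log flow stopped | clock skew
    lag: Optional[timedelta]       # None when the source has never reported


# A source whose newest event is this far in the future has a clock ahead of the SIEM's.
CLOCK_SKEW_TOLERANCE = timedelta(minutes=2)


def classify(lag: timedelta, spec: SourceSpec) -> str:
    if lag < -CLOCK_SKEW_TOLERANCE:
        return "clock skew"
    if lag > spec.stop_after:
        return "log flow stopped"
    if lag > spec.expected_interval:
        return "latency detected"
    return "flow normal"


def check_sources(now: datetime, specs: Dict[str, SourceSpec],
                  last_seen: Dict[str, datetime]) -> List[SourceHealth]:
    results: List[SourceHealth] = []
    for name, spec in specs.items():
        seen = last_seen.get(name)
        if seen is None:
            # Configured but never received: treat exactly like a stopped feed.
            results.append(SourceHealth(name, "log flow stopped", None))
            continue
        lag = now - seen
        results.append(SourceHealth(name, classify(lag, spec), lag))
    return results


def summary(results: List[SourceHealth]) -> Tuple[int, int]:
    """(sources still delivering, sources configured), the panel's '142/148' figure."""
    active = sum(1 for r in results if r.status != "log flow stopped")
    return active, len(results)


# Constructed sample. Cadences are assumptions: a VPN gateway is legitimately quiet
# at night, so its stop_after must be generous or you will page on a healthy source;
# a chatty NGFW can be declared dead within minutes.
NOW = datetime(2024, 5, 6, 10, 0, tzinfo=timezone.utc)
SPECS: Dict[str, SourceSpec] = {
    "Firewall / NGFW":   SourceSpec(timedelta(minutes=1), timedelta(minutes=10)),
    "Active Directory":  SourceSpec(timedelta(minutes=5), timedelta(minutes=30)),
    "EDR / XDR":         SourceSpec(timedelta(minutes=5), timedelta(hours=1)),
    "Web Proxy":         SourceSpec(timedelta(minutes=1), timedelta(minutes=30)),
    "VPN Gateway":       SourceSpec(timedelta(minutes=15), timedelta(hours=2)),
    "DNS Resolver":      SourceSpec(timedelta(minutes=1), timedelta(minutes=10)),
    "Cloud Audit (AWS)": SourceSpec(timedelta(minutes=15), timedelta(hours=1)),
}
LAST_SEEN: Dict[str, datetime] = {
    "Firewall / NGFW":  datetime(2024, 5, 6, 9, 59, 50, tzinfo=timezone.utc),
    "Active Directory": datetime(2024, 5, 6, 9, 59, 0, tzinfo=timezone.utc),
    "EDR / XDR":        datetime(2024, 5, 6, 9, 58, 0, tzinfo=timezone.utc),
    "Web Proxy":        datetime(2024, 5, 6, 9, 52, 0, tzinfo=timezone.utc),   # 8 min behind
    "VPN Gateway":      datetime(2024, 5, 6, 7, 30, 0, tzinfo=timezone.utc),   # 2.5 h silent
    "DNS Resolver":     datetime(2024, 5, 6, 10, 5, 0, tzinfo=timezone.utc),   # 5 min in the future
    # "Cloud Audit (AWS)" deliberately absent: onboarded in the SIEM, never delivered
}

if __name__ == "__main__":
    results = check_sources(NOW, SPECS, LAST_SEEN)
    for r in results:
        print(f"{r.name:<18} {r.status:<18} lag={r.lag}")
    print("Log source health: %d/%d" % summary(results))
```

Run it against the SIEM's own "last event per source" view on a schedule and diff the output between runs; a source that flips from "flow normal" to "log flow stopped" between two reports is the finding the periodic health section should lead with, because any detection rule that depends on that source has been silently blind since the flip.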

SOAR & Automation Support

Playbook development and improvement; reducing operational load by automating repetitive analysis and response steps.

Periodic Reporting & Threat Analysis

Weekly/monthly reports on incoming attacks, prominent threats, alarm trends, rule changes and improvement recommendations.

// 03 — Engagement Model

Continuous support + periodic rhythm

A transparent, measurable support model from onboarding to regular reporting.

1

Assessment & Onboarding

We review the current SIEM/SOAR setup, log sources and rule set; gaps and quick wins are identified.

2

Continuous Engineering Support

Rule creation/tuning, log source and SIEM health tracking, SOAR playbook support — request- and finding-driven.

3

Periodic Reporting

A weekly or monthly threat, alarm and health report; findings and the next period's roadmap are shared.

// 04 — Reporting

Weekly / monthly SIEM & SOAR report

Each period we deliver a clear report that both management and the technical team can act on.

Report contents (sample)
  • Incoming attacks & threats: significant attack attempts and prominent threats during the period
  • Alarm trends & notable events: distribution of triggered alarms, critical findings and root-cause notes
  • Rule changes: detection rules added/tuned and false-positive improvements
  • Log source & SIEM health: source outages, capacity/EPS status and performance indicators
  • Recommendations & roadmap: prioritized improvement steps for the next period
// 05 — Supported Platforms

Platform-agnostic engineering

We work with the SIEM/SOAR ecosystem you already use.

SIEM

Central log & correlation

Splunk · IBM QRadar · Microsoft Sentinel · Elastic · Wazuh
SOAR

Orchestration & automation

Splunk SOAR · Cortex XSOAR · Sentinel Playbooks
Telemetry

Log sources

NGFW / IPS · EDR / XDR · Active Directory · Cloud (AWS/Azure/GCP) · Application logs
Contact

Let's strengthen your SIEM setup together

Let's assess your current SIEM/SOAR environment and discuss how we can help with rules, log sources and reporting.

Schedule a Call
