Security Operations Centres (SOCs) have existed in the enterprise for many years. Building and running a SOC requires significant investment in the toolset and skills required to operate it. The core function of a SOC is to detect and respond to cyber attacks in (as close as possible to) real-time. Even with significant investment in protective controls, every organisation has to accept that it will probably be breached at some point. The SOC is the last line of defence. If we can detect an attack then we have a good chance of containing it before it causes disruption or financial loss.
Most public sector and mid-market customers will never be able to justify building a SOC internally. Lean IT models are the target, which precludes buying expensive tools and skills that will never be fully utilised, other than on that one bad day.
We have created Managed Defence, a SOC built for these customers and tailored to their needs. Rather than make the mistake that most make by attempting to monitor for every use case possible, we work with you to understand your relevant threats and implement the use cases that make sense. This drastically improves our chances of detection and ensures the service is cost-effective. We also reward investment in our ecosystem of proven protective controls with a lower price for the Managed Defence service. The more protection you have, the better your security and the lower your risk of a successful attack. We are in this together. If you experience a successful attack then we are with you until it is contained, at no extra cost.
We can deliver in one of two models:
- Managed service - you give the problem to us and we provide a full service with the SIEM platform
- Hybrid - we can utilise an existing SIEM platform and skills to deliver as a team 24x7
If you need us to provide the SIEM then we can do this quickly and effectively in the public cloud using the most advanced SIEM platform and threat intelligence available. Why is this important? Well, it means the toolset for the service costs less than established SIEM vendors, we can monitor assets anywhere – on your premises or in any cloud, and we can natively ingest logs from SaaS and PaaS platforms.
Let us focus on detection and response and let your IT team focus on core business activities.
What’s included?
- A use case library built for your business
- Implementation and configuration of the toolset required
- 24x7 detect and respond service
Benefits of our approach:
- A cloud generation SOC for a lot less than you might expect
- A service tailored to your threats
- Get rewarded with a lower price as your security posture improves
- No hidden charges
- Your services, data and users are monitored regardless of location
- No CAPEX costs
- Hybrid model utilises existing investment in SIEM and skills