Managed Security
Services
Stellar protection for every business
Security technology works perfectly when it knows what it’s looking for. But as cyber threats change, even state-of-the-art tools can be outwitted by something unfamiliar. That’s why your security needs the human touch.
Covering the fundamentals of your security, our standalone SIEM service helps you make the most of your existing security tools through best-in-class monitoring technology and a team of experts.
To take your security to the next level, we’ve created a full suite of Security Operations Centre solutions for every need and budget.
A SOC for every challenge
Our Managed Services align you with a world-class security operations centre (SOC) solutions tailored to your business and budget. Both tech and team work in tandem to solve security challenges, combining intelligent analysis with vigilance and real-time remediation. Proud to deliver affordable, enterprise-grade solutions, we have a SOC for everyone.
Following an initial assessment of your IT environment, needs and budget we define a suite of bespoke SOC offerings that includes the right balance, number, and combination of solutions to meet your business objectives.
Mars
2 protections
Jupiter
3 protections
Saturn
4 protections
Uranus
5 protections
Neptune
6 protections
Essential
Our entry-level offering, Essential SOC services help your business take the first steps to stronger security. Preventative tech, managed by an expert team, reinforces what you have today.
Professional
Our Professional SOC services take your security to the next level by identifying, investigating and quarantining threats both inside and outside your business.
Enterprise
A bespoke, premium service, our Enterprise level SOC offering delivers proactive cyber threat hunting, analysis, and remediation in real-time. It’s the ultimate in IT protection.
Technology advises, humans decide
Humans know what’s normal and what isn’t when it counts. While technology plays a vital role in protecting your IT, it is up to humans to make the important decisions that ultimately make a difference. They are critical to interpreting and acting on technology’s advice, which is why they’re a huge part of what we do for you. The service you choose determines the team you’ll be working with, and could include:
Security Engineer Ensures your systems seamlessly integrate with ours so everything works as it should.
Service Delivery Manager Oversees every element of your service from internal response process to coordination of different teams.
Threat Intelligence Specialist Looks beyond your perimeter to seek and stop cyber threats before they cause harm.
Security Analyst Your eyes and ears. Monitors, analyses and investigates your IT estate 24×7 – on deck, not on call.
Security Assurance Consultant Answers the difficult question and provides valuable guidance that supports your decisions.
Threat Hunter Harnesses endpoint data response technologies to hunt down and quarantine suspicious internal threats.
Specialist protections that deliver dedicated defence
Our singular-service specialist protections provide cost-effective and enterprise-grade defences that work around the clock to keep you secure.
Protective services overview
Technology
Our always-on virtual scanners perform host discovery, vulnerability detection and compliance scanning to identify potential security risks for further SOC action. This includes Web Application Scanning, Real-time Scanning Agents, PCI Compliance Scanning and a live Threat Intelligence feed for newly disclosed vulnerabilities and emerging threats. Vulnerability insights are also used to inform tailored client reports and correlated within the SOC’s SIEM service.
People
A skilled security team supports and interprets every element of Vulnerability Management, providing real-time analysis and linkage with the SIEM system to ensure all risks are assessed in the round. Singularly, the SOC delivers regular vulnerability reports, configuring virtual scanner tools for ongoing optimised performance and integration with other SOC services. A Security Assurance Consultant is always on hand to ensure best practice is upheld, while a dedicated Service Delivery Manager ensures all service expectations are met.
Process
Once deployed, your scanning and management service works in conjunction with relevant and supporting SOC services and is continually optimised to ensure assets are hardened and patched to the latest level. Additionally, tailored, ad-hoc scans can also be actioned on request by a client via the i3 portal, or on notification of a zero-day vulnerability.
Technology
Our SOC-driven, action-based, and real-time policy and risk-based alerting and prevention service delivers data exfiltration events. Lightweight agents can also be deployed at speed to desktops and laptops as required to provide unified coverage to the user base, wherever they may be. A Cloud Management Portal ensures we effectively manage and monitor all on-premise and mobile users in real-time, with the option to set customisable and granular DLP policies and rulesets on the fly.
People
Expert Security Engineers configure and manage your DLP deployments, ensuring the service is fully functional, optimised and ready to deliver real-time alerts to the SOC to protect your business.
Process
By deploying DLP rulesets to track and trace data at rest, in motion and in use, all tailored to the unique demands of your business, plus ongoing ruleset tuning, we ensure that your DLP service is always ready and optimised to keep you secure. We maintain a forensically sound log system for persistent offenders should internal HR or disciplinary procedures be required.
Technology
The LogSecure SIEM delivers a correlated view of security risks across everything running on your network and in the cloud. A tightly-integrated and extensive Global Threat Intelligence Network (GTIN) and i3 Security Incident Management Portal identify potential compromise and provide real-time security alerts to enhance our detection and auto-remediation capability while expediting root cause analysis.
People
An expert security team underpins our SIEM services with 24x7x365 threat monitoring, internet-based threat hunting and a customised log monitoring approach to support your systems and bespoke applications. A Security Assurance Consultant ensures best practice is enforced at all times, with a dedicated Service Delivery Manager in place to ensure all commitments and expectations are met.
Process
24x7x365 monitoring from a UK-based Security Operations Centre ensures that your business is protected around the clock. Early warning threat intelligence updates help ensure reinforced protections are in-situ ahead of an attack, while ongoing tuning of alert rules see that your service evolves in line with your business. We’ll also provide monthly Key Risk Indicator (KRI) reports, the ‘metrics that matter’, and threat intelligence summaries. When an incident arises, we’ll take the lead in working with your internal teams and relevant 3rd parties to action quick and effective resolutions.
Technology
MDR software agents provide real-time, risk-based prevention of malware and potential network attacks. The MDR service is frequently deployed East-West within a client to support any other complementary North-South IDS/IPS service. Our intuitive Cloud Management Portal enables the management and monitoring of on-premise and mobile users in real-time, as well the granular customisation of alerts and defensive rulesets.
People
Highly-skilled Threat Hunters proactively seek out anomalies in user and software behaviour to discover zero-day threats as part of 24x7x365 threat monitoring and incident response. A Security Assurance Consultant provides guidance on best practice for monitoring and incident response, while a dedicated Service Delivery Manager ensures expectations and obligations are met.
Process
On-going threat hunting and cyber intelligence monitoring across the internet ensures round the clock threat monitoring, analysis and remediation. The SOC team apply emerging indicators of compromise (IoC’s) rules to transpose the anatomy of attacks into the MDR system to help simultaneously prevent entry and any negative impact. This advanced incident analytics, including malware reversal, keep you protected against any emerging threats, Full insights are also shared as part of a monthly Risk Indicator Report.
Technology
A Network Intrusion Detection and Prevention system (IDS/IPS) provides real-time threat detection and prevention to ensure any potential emerging threats are resolved before they can cause damage. A virtual management console provides the SOC with the overarching health monitoring for all IDS/IPS deployments and is API-integrated with both the SOC’s SIEM and i3 case management system to deliver a comprehensive defensive system.
People
Our experienced security team support all IDS/IPS deployments providing 24x7x365 real-time threat monitoring and incident response. Engineers and consultants configure IPS rules to detect inbound exploitation attempts of any perimeter-facing assets while tracking and nullifying any indicators of call-back to external command and control servers. Further, a dedicated Service Delivery Manager is on hand to manage service obligations and enhancements.
Process
Real-time threat monitoring and incident response underpins IDS/IPS to ensure round the clock protection, while regular analysis and review ensures ongoing updates to signatures and rules. Threat intelligence findings are used to inform optimisation and the creation of new custom rules and blacklists. Detailed threat intelligence is also used to add further evidential data into the process while informing monthly Key Risk Indicator reports and ‘metrics that matter’.
Technology
The deployment of an Anti-ransomware virtual service delivers ongoing threat monitoring, protecting critical data stored across your network and cloud environments from being stolen and potentially held hostage with the encryption of your most valuable data assets.
People
A skilled team of intelligence specialists and analysts ensure round the clock 24x7x365 protection. Real-time ransomware monitoring coupled with incident response means we can shut-down and quarantine any ransomware attack in less than a second.
Process
Alongside 24x7x365 management, ransomware monitoring and incident response, detailed root cause analysis is used to identify the entry method of any malware attacks. Automated quarantine processes are actioned to limit the impact of any breach, and our expert team can also support internal resource with any recovery management processes.
Where to start
Cyber Incident Calculator
It’s crucial that your level of security investments is balanced against potential risk. With a few simple details our Cyber Incident Calculator provides a clear estimate on the impact of a potential breach to help you make an informed assessment and secure the investment you need.
Cyber Incident Calculator
Select my SOC
A successful security strategy is one that’s built around the unique demands of your business. Not sure which solution is the best fit for you? Just input a few initial details and our SOC selector will point you in the right direction.
SOC selectorThe ultimate results-driven cyber assurance
TruTrust© ensures true 24×7 protection that delivers unmatched threat detection and resolution, giving you unrelenting cyber assurance.
Our customer pledge
We’re confident in the services we provide, and we want you to be too. That’s why we offer the following pledge to every business considering onboarding us as their managed security service provider:
3-month pilot
free of charge
Put us to the test and let us run your 24×7 Security Operation Centre for free for the first 3 months. You can benchmark our performance against pre-agreed success criteria – and if you’re not convinced after the pilot, it won’t cost you a penny.
Lowest price
guarantee
Our mission is to make high-quality, tailored managed security services affordable to the mid-market – and we stand by our word. If you find another provider who can offer a like-for-like SOC service for a lower cost, we will refund the difference.
No half
measures
When you take part in our pilot you can expect the full Zepko service, not a trimmed down version. We’ll run a full 24×7 SOC operation, providing access to our specialist SOC team, process models and procedures, at the same level as our existing customers.