Managed Security Services
Essential real-time incident response
For end users who need a lightweight service to monitor and respond to live security events and indicators of compromise in real-time.
Remote install and remote operation.
Your virtual team
Discover more about the expert virtual team behind your Essential service here.
Security that covers all the bases all of the time
SOC-in-a-Box: Essential provides 24x7 protective monitoring and real-time incident response that ensures threats are identified, investigated, remediated, and reported on around the clock, giving you constant peace of mind.
Too often security strategy emerges as a by-product of technology acquisition.
With every new threat that emerges, an extra tool is purchased that offers more data for interpretation and may even overlap the protection of existing measures.
But more tools means more to manage, making it difficult to truly understand the quality of your defences.
Critically, as the tools stack up, many organisations become reliant on technology doing all of the work.
The simple truth is security doesn’t solve itself.
It requires the vigilance, instinct, and know-how only humans can provide.
Importantly, the data these tools generate holds a lot of value you may not be aware of, value that only experienced experts can draw out.
Our team complements your tech
An enhancement over our SOC: Basic service, SOC-in-a-Box: Essential arms you with a unified view of your security position and a team of specialists dedicated to keeping you safe.
By correlating all your security data with global event information and expert analysis, we help you prevent and defend against both known and unknown threats, inside or outside your business.
Fraudulent activity uncovered against Telecoms target
Attackers plan a phishing campaign targeting your client base. They set up a phishing website using a domain with a similar-sounding name.
Our GTIN service hunts for indicators of compromise or targeted campaigns against your organisation across sources including exclusive hacking forums, marketplaces for stolen data and whistleblowing sites on the clearnet, deep web and dark web. A core part of the GTIN service is its ability to detect malicious domain registrations to rapidly trigger takedown processes.
Our SOC team receives an alert from GTIN indicating a suspicious domain registration. On investigation they quickly identify that the domain hosts webpages that imitate your website, escalate the incident to your infrastructure team, and commence takedown processes.
Monitors 900k newly registered domains per month.
Daily monitoring of newly registered domains.
Escalation and takedown processes actioned within an hour of detection.
List of Services
SOC-in-a-Box: Essential offers:
This 100% managed SIEM service amasses every drop of data necessary to evaluate your security risk and translates it into a status that’s easy to understand. Here we capture, assess, and respond to any threats that originate within your IT environment.
We don’t just set you up and watch you go. We’re on call in the event of a crisis and we’ll offer up all the best practice guidance to inform any future projects. Regular reviews keep you in touch with the risks and ensure your cyber security always stays a step ahead.
Security Operation Center
The very heart of our service, our SOC provides you with an i3 portal where you can watch us at work. You’ll see in real-time our end-to-end incident management being delivered by expert staff, 24x7, 365 days a year.
Global Threat Intelligence
A lot of company data is traded, sold, or shared over the dark web. We uncover whether any of your data has been targeted, mitigate the risk of this data being used against you, and recommend defensive actions to limit the impact to your business. Our service is by no means restricted to our own threat intelligence tools either – we take data feeds from your existing technologies and work with leading partners to ensure you’re getting all the protection your business needs.
Service implementation prep
Our tried and tested implementation methodology enables rapid deployment of our service whilst mitigating project risks.
Leverage our experience in delivering global security projects collaborating with multiple third parties.
Targeted alert use cases
By tailoring our extensive alert correlation rulesets, we reduce the noise from false positives and enhance detection rates of genuine cyber threats.
In addition, we deploy threat intelligence tripwires to detect external risks and threats to your organisation.
Customised incident response plan
We tailor our mature incident detection and response processes to work effectively with your organisation and assigned third parties.
We support local and global security deployments engaged with numerous outsourced resolver teams.
Continued cyber due diligence
Achieving cyber due diligence doesn't stop once your SOC service is in operation. As best practice, we schedule regular reviews to ensure your service meets all existing and emerging security requirements as your business evolves.
Explore our Essential Key Risk Indicator report
We know how important it is to be kept in the loop when it comes to your security.
That’s why we ensure you have visibility over our actions at all times, not only via our I3 portal but with regular, easy-to-digest reports that outline the Key Risk Indicators across your entire estate.
Using these KRI reports we help you track incidents, classify risks, and enhance your protection.