Jupiter SIEM AR IDS

SOC benefits

Your dedicated team

Humans are critical to interpreting and acting on technology’s advice, which is why they’re a huge part of what we do for you. Your SOC team includes:

Security Engineer

Ensures your systems seamlessly integrate with ours so everything works as it should.

Security Analyst

Your eyes and ears. Monitors, analyses and investigates your IT estate 24×7.

Service Delivery Manager

Oversees every element of your service from internal response process to coordination of different teams.

Security Assurance Consultant

Answers the difficult question and provides valuable guidance that supports your decisions.

Threat Intelligence Specialist

Looks beyond your perimeter to seek and stop cyber threats before they cause harm.

Threat Hunter

Harnesses endpoint data response technologies to hunt down and quarantine suspicious internal threats.

Protective services overview

Technology

The deployment of an Anti-ransomware virtual service delivers ongoing threat monitoring, protecting critical data stored across your network and cloud environments from being stolen and potentially held hostage with the encryption of your most valuable data assets.

People

A skilled team of intelligence specialists and analysts ensure round the clock 24x7x365 protection. Real-time ransomware monitoring coupled with incident response means we can shut-down and quarantine any ransomware attack in less than a second.

Process

Alongside 24x7x365 management, ransomware monitoring and incident response, detailed root cause analysis is used to identify the entry method of any malware attacks. Automated quarantine processes are actioned to limit the impact of any breach, and our expert team can also support internal resource with any recovery management processes.

Technology

A Network Intrusion Detection and Prevention system (IDS/IPS) provides real-time threat detection and prevention to ensure any potential emerging threats are resolved before they can cause damage. A virtual management console provides the SOC with the overarching health monitoring for all IDS/IPS deployments and is API-integrated with both the SOC’s SIEM and i3 case management system to deliver a comprehensive defensive system.

People

Our experienced security team support all IDS/IPS deployments providing 24x7x365 real-time threat monitoring and incident response. Engineers and consultants configure IPS rules to detect inbound exploitation attempts of any perimeter-facing assets while tracking and nullifying any indicators of call-back to external command and control servers. Further, a dedicated Service Delivery Manager is on hand to manage service obligations and enhancements.

Process

Real-time threat monitoring and incident response underpins IDS/IPS to ensure round the clock protection, while regular analysis and review ensures ongoing updates to signatures and rules. Threat intelligence findings are used to inform optimisation and the creation of new custom rules and blacklists. Detailed threat intelligence is also used to add further evidential data into the process while informing monthly Key Risk Indicator reports and ‘metrics that matter’.

Technology

With over 300 log events per second, LogSecure SIEM delivers a correlated view of security risks across everything running on your network and in the cloud. An extensive Global Threat Intelligence Network (GTIN) and I3 Security Incident Management Portal identify potential compromise and provide real-time security alerts to enhance detection capability and expedite root cause analysis. 

People

An expert security team underpins our SIEM services with 24x7x365 threat monitoring, internet-based threat hunting and customised log monitoring approach to support your systems and any bespoke applications. A Security Assurance Consultant ensures best practice is enforced at all times, with dedicated Service Delivery Manager in place to ensure all commitments and expectations are met. 

Process

24x7x365 monitoring from a UK-based Security Operations Centre ensures that your business is protected around the clock. Early warning threat intelligence updates provide guidance to reinforce protections ahead of an attack, while ongoing tuning of alert rules see that your service evolves in line with your business. We’ll also provide monthly Key Risk Indicator (KRI) reports and threat intelligence summaries. Should an incident arise, we’ll work with your internal team and relevant 3rd parties to action quick and effective resolutions.

Key benefits

Rapid remote deployment of monitoring and protection software through cloud management.

Protect key data, intellectual property and client data from theft and accidental leakage.

Detect targeted and sophisticated network attacks.

Reduce employee overhead and improve speed of response through automated defence and remediation.

Faster root-cause analysis via multiple security logs including network, firewall, server, active directory, database and cloud systems.

Flexibility to evolve your service using our ‘Roll Out Roll In’ SOC protections.

Key Risk Indicator and security maturity improvements delivered within 4 weeks of SOC deployment.

Harden networks and systems to common network intrusion attacks and malware.

Help protect against zero day malware.

Protect data stores and keep business operations moving with real-time anti-ransomware detection and prevention.

Joined up overview of security incidents in the event of a breach – slashing the time it takes to respond.

Take the next step

Found the SOC for you? Take advantage of our 3-month free pilot and discover the Zepko difference risk-free. Or if you’d simply like to know more about our services, get in touch with our expert team.

Get in touch

Rail operator defends against a ransomware attack

37 %

of organisations reported a ransomware attack in 2021.

£1.3 M

the average remediation cost in 2021

21 %

average amount of IT budget spent on security

100 %

of customers protected with sub-second automated defence

58 %

of businesses attacked paid a ransom

Tony opens an email attachment from a known client; unfortunately his client’s laptop has been compromised and he opens a document infected with ransomware.

The ransomware starts to encrypt his shared folders, but in a sub-second response his desktop is quarantined by our anti-ransomware system which alerts the SOC team in real-time.

The SOC team notified the client’s IT team and commence incident response processes, using their SIEM they performed root cause analysis which identified the entry method of the malware (via email). The SOC obtained a copy of the malware for analysis in their malware labs, they detonated the malware safely to study its behaviour and identify its spreading mechanism to find it was wormable (able to spread across the network on open ports to vulnerable systems). The SOC also investigated the IPS alarms to identify any call backs to command and control servers.

Armed with this knowledge the SOC guided the IT Team during the recovery process to ensure the malware was not persistent and did not reinfect the systems after recovery or reattempt encryption.

37% organisations reported a ransomware attack in 2021

Average remediation cost in 2021 was £1.36M

One in 6 of those attacked was hit with a ransom and 58% paid up.

The average firm now devotes 21% of its IT budget to cyber security – a jump of 63%

100% customers protected with sub-second automated defence

Our customer pledge

We’re confident in the services we provide, and we want you to be too. That’s why we offer the following pledge to every business considering onboarding us as their managed security service provider:

1

3-month pilot
free of charge

Put us to the test and let us run your 24×7 Security Operation Centre for free for the first 3 months. You can benchmark our performance against pre-agreed success criteria – and if you’re not convinced after the pilot, it won’t cost you a penny.

2

Lowest price
guarantee

Our mission is to make high-quality, tailored managed security services affordable to the mid-market – and we stand by our word. If you find another provider who can offer a like-for-like SOC service for a lower cost, we will refund the difference.

3

No half
measures

When you take part in our pilot you can expect the full Zepko service, not a trimmed down version. We’ll run a full 24×7 SOC operation, providing access to our specialist SOC team, process models and procedures, at the same level as our existing customers.

Deploy this SOC from £5,251 per month

The above cost has been calculated based on an organisation of 250 users. Larger organisation? As our services are scaled up, your SOC solution becomes more cost effective per user. Speak to us for an accurate quote for your business.