Managed SOC Services.
CyberCrowd’s 24 x 7 x 365 Managed SOC service utilises best-in-class people, process and technology from IBM (QRadar) and Microsoft (Sentinel).
SOC-as-a-service
CyberCrowd’s Managed Security Operation Centre (SOC) services support businesses of all sizes and help to enhance their ability to identify and respond to cyberattacks.
Taking a SOC-as-a-service approach is far more cost-efficient than developing such a team internally.

What is a SOC?

Through a SIEM-agnostic approach, across both cloud and on-prem infrastructure, we focus on ensuring our customers have an efficient MTTD (Mean Time To Detection) for all potential threats in their environment, and we work on stopping threat actors as early in the attack framework as possible.
More and more regulatory bodies are focusing on making sure that you are baselining and know “what normal looks like”. The SOC gives you the constant coverage you require and, through our reports and dashboards, accurate trending in your environment.
Cyber security incidents are on the rise, with an average of one successful internet-based attack aimed at businesses every 39 seconds.
The targets aren’t just large enterprises: small and medium-sized enterprises are increasingly being hit, with 43% of companies being targeted in 2020.
Our SOC services
Ongoing digital transformation and cloud migration mean more cyber security risks are being introduced into your organisation.

At CyberCrowd we are dedicated to giving you a bespoke monitoring service where we will work with you to make sure that your most valuable assets have the coverage they need as well as standing guard at your boundary.
We offer our knowledge of industry-specific threats to help define what key indicators of compromise may look like in your network, and we keep up to date with trending attack campaigns and the signatures they use.
Our team of 24x7x365 analysts is always available to discuss and workshop threat concerns or new methodologies for detecting your biggest worries.
Features
- Design of efficient alarm rule sets within the SIEM
- We work with our customers to map out their threats
- We offer guidance and assistance in transitioning from previous SOC partners
- We work on the playbooks and remediation steps for indicators of compromise
- We create bespoke alarms for customers based on specific indicators of compromise
- We stick to a 15-minute acknowledgement KPI for P1 escalations
- We operate at a minimum SOC level of investigation of all alarms triggered within the SIEM, to relieve effort on our customers’ internal resources
- We offer trained incident handlers to deal with any high-priority incidents for our customers, whether they are identified via the SOC or through the customer, as part of a retainer service
Our SOC team
Our qualified professional team includes:
- SOC Managers
- Security Engineers
- Security Analysts
The benefits of investing in external SOC services
Based on the common challenges for businesses outlined in the previous section, CyberCrowd’s SOC-as-a-service offering provides our partners with the following benefits:
- As part of our standard setup we help map threats and risks of an organisation to the SIEM
- We help customers ensure they are getting the best value from our services through advice on how best to ingest and set up log collection
- Reduce the Mean Time To Detection for security events
- We give our customers useful, best-practice remediation recommendations for escalated alarms
- Our engineering team is focused on maintaining a low false positive rate to ensure our customers can focus on concerns of importance
- We can map our IoCs (indicators of compromise) to either custom alarms or frameworks such as GPG-13
- We provide accreditation support and guidance
- We can assist with strategic vision for cyber security maturity