SOC as a Service
‘Investigating unreliable alerts wastes two-thirds of staff time while actual breaches go undetected an average of 146 days. You must be on constant lookout for security threats lurking in your network traffic – managed detection and response gives you actionable insight when it counts.’ Gartner's 2018 Intrusion Detection and Prevention Systems Magic Quadrant
CSA provide a full suite of flexible Managed and Virtual Security Operations Centre (SOC) services to organisations that don’t want to run their own SOC in house. CSAs UK based SIOC is operated by experienced cyber security analysts overseen by James Griffiths and Dave Woodfine; both of whom have extensive experience in setting up and operating SOCs for large corporate organisations including the MOD and the Bank of England.
The costs of setting up and running a SOC operating 24/7 can be prohibitively expensive not to mention the difficulty in recruiting and retaining security analysts. Many organisations have gone down this route but have come to the conclusion that ‘SOC as a Service’ provides a viable, cost effective alternative strategy. We provide the Security Information and Event Management (SIEM) platform as part of the CSA fully managed service or can provide virtual SOC services for organisations that prefer, or have already committed to a particular SIEM platform (see below).
CSA provide a fully managed service from start to finish so that an organisations internal IT and security staff can spend their time dealing with and blocking identified threats. Often organisations try and fail to identify genuine threats in time to stop attackers gaining a foothold or exploiting a security breach. CSA analysts are experienced across the full spectrum of cyber capability including threat intelligence and cyber reconnaissance and as a matter of course tune the CSA tools to cover the latest cyber threats. CSA offer different options to organisations considering managed SOC services, typically we recommend the CSA proprietary BorderPoint threat monitoring and protection service to companies with less than 250 end points. For larger companies there are other options that we can offer based on customer requirements and budget. Please contact us for a quote.
CSA offer a virtual SOC service whereby the client owns the SIEM platform but it is set-up, managed, monitored and tuned by cyber security analysts working in the CSA SIOC. CSA have experience in working with many of the industry leading SIEM platforms so can offer advice and make recommendations on purchase and configuration as required. CSA provide virtual SOC services 24/7 or can offer clients the option of an out of hours service to dovetail with an internal team.