FULLY MANAGED SECURITY OPERATIONS CENTRE
Next-gen response platform built to detect the latest cyber threats. Get actionable insights from your existing cyber defences.
Cybercrime is increasing at an exponential rate, with predictions that it will cost the global economy US$6 trillion a year in 2021!
Adding more point solutions only adds complexity and often fails to deliver tangible results.
Our Overwatch fully managed Security Operations Centre analyses activity on networks, servers, databases, applications etc., whether on-premises or in the cloud, such as Amazon, Azure, Office 365 or Google. Our team looks for anomalous activity that could be indicative of a security incident or compromise. The SOC is responsible for ensuring that potential security incidents are correctly identified, analysed, defended, investigated, and reported.
Why the need?
In the evolving modern threat landscape, businesses have to go further than ever. Issues of inadequate user authentication protection and endpoint leakage are compounded by an exploding network device count and a demand for cybersecurity labour that outstrips supply. Today, large enterprises and SMBs need to meet their cybersecurity requirements without straining resources to the breaking point.
Compliance can be expensive for organisations, often requiring additional headcount. We can simplify reporting through standardised and bespoke reports including:
NIST - being adopted by offshore financial regulators
PCI DSS - payment card industry for merchants taking credit card payments
HIPAA - medical compliance
CIS Reporting - Center for Internet Security, which maps reporting over many standards, e.g. GDPR & ISO27001
Leverage existing assets
You've already spent money on your existing security assets, from antivirus and firewalls to UEBA, IPS, IDS etc. Most add complexity as well as generating even more logs that, let's face it, no one has time to look at. But don't throw them away; instead, let us ingest all the important information they generate to get maximum value and important insights on what is happening on your network.
It's really simple and fast. We just need to install agents on your critical servers, Windows or Linux, and an appliance, either physical or virtual, to collect logs from your security solutions and network data from your core switch. We have connectors for the cloud that take minutes to deploy.
No Hidden Charges
It can become extremely frustrating when the supplier can't tell you the full cost of a solution, or there are hidden charges for additional services. We make things nice and simple! You pay for the number of users in your organisation and the assets we are monitoring. An asset is anything that we collect log data from, e.g. a server, firewall or cloud connector.
Is there a minimum number of users that you require?
No, but there are certain requirements to ensure you get value from the solution. We can discuss those requirements with you.
We have multiple locations; can you support us?
Yes, we support customers that are multisite and geographically separate.
Do I need to buy additional servers?
No, you do not need to invest in additional servers or software.
Do I need to employ additional staff?
No, as a fully managed service there are no additional staffing requirements.
Do you support virtual environments?
Yes, absolutely. We support Hyper-V, KVM and VMware as well as Docker containers.
I don't have any servers; I just use Office 365 or G-Suite.
As we have connectors for Office 365 and G-Suite, we can collect and analyse that important information, e.g. to detect account compromise and unusual login activity.
What data do you collect?
We only collect log and network traffic data, e.g. logon and logoff events, firewall alerts etc.
Where is the data you collect sent and stored?
The data we collect is encrypted and sent to our secure datacentres located in Guernsey in the Channel Islands and the United States.
You can choose your preferred location when you onboard.
My servers are hosted by my IT/hosting provider
That's not a problem; we will work with them to deploy the solution. It's best practice to have a third party review the security logs. In fact, many hosting providers only offer a basic security service that does not include managed detection and response.
We use solution XYZ; can you integrate with it?
Before implementation, we review all your existing solutions and can advise whether we natively support them. At a basic level, we can take logs from any device that supports Syslog.
What happens if you detect a threat?
Our SOC analysts review all alerts generated by our enterprise platform and escalate them to you. We offer auto-remediation as well as integration with third-party orchestration tools.
What is the length of the contract?
The minimum term is 12 months.
What locations do you support?
We support clients globally; we can onboard you as long as you can send log data to us.
If you would like to know more about Overwatch Managed SOC please complete the form below.