Offshore Security Operations Centre

Managed Detection and Response as a Service

What is a SOC

Our Security Operations Centre monitors and analyses activity on networks, servers, databases, applications etc., whether on-premise or in the cloud, such as Amazon, Azure, Office 365 or Google. Our team looks for anomalous activity that could be indicative of a security incident or compromise. The SOC is responsible for ensuring that potential security incidents are correctly identified, analysed, defended, investigated, and reported.

Fully Managed

Our fully managed Security Operations Centre provides you with highly effective, 24x7x365 advanced security, without having to absorb the high cost or complexity of building and operating your own solutions.

 

Why the need?

In the evolving modern threat landscape, businesses have to go further than ever. Issues of inadequate user authentication protection and endpoint leakage are compounded by an exploding network device count and by demand for cybersecurity labour that outstrips supply. Today, large enterprises and SMBs need to meet their cybersecurity requirements without straining resources to the breaking point.

Regulatory Compliance

Compliance can be expensive for organisations, often requiring additional headcount. We can simplify reporting through standardised and bespoke reports, including:

  • NIST - being adopted by offshore financial regulators

  • PCI DSS - payment card industry for merchants taking credit card payments

  • HIPAA - medical compliance

  • CIS Reporting - Center for Internet Security, which maps reporting over many standards, e.g. GDPR & ISO 27001

 
Leverage existing assets

You've already spent money on your existing security assets: antivirus, firewalls, UEBA, IPS, IDS etc. Most add complexity and generate even more logs that, let's face it, no one has time to look at. But don't throw them away. Instead, let us ingest all the important information they generate to get maximum value and important insights into what is happening on your network.

Deployment

It's really simple and fast. We just need to install agents on your critical servers, Windows or Linux, and an appliance, either physical or virtual, to collect logs from your security solutions and network data from your core switch. We have connectors for the cloud that take minutes to deploy.

No Hidden Charges

It can become extremely frustrating when the supplier can't tell you the full cost of a solution, or there are hidden charges for additional services. We make things nice and simple! You pay for the number of users in your organisation and the assets we are monitoring. An asset is anything that we collect log data from, e.g. a server, firewall or cloud connector.

 
FAQs
 
  • Is there a minimum number of users that you require?

    • No, but there are certain requirements to ensure you get value from the solution. We can discuss those requirements with you.
       

  • We have multiple locations; can you support us?

    • Yes, we support customers that are multisite.
       

  • Do I need to buy additional servers?

    • No, you do not need to invest in additional servers or software.
       

  • Do I need to employ additional staff?

    • No, as a fully managed service there are no additional staffing requirements.
       

  • Do you support virtual environments?

    • Yes, absolutely. We support Hyper-V, KVM and VMware as well as Docker containers.

  • I don't have any servers; I just use Office 365 or G-Suite.

    • As we have connectors for Office 365 and G-Suite, we can collect and analyse that important information, e.g. to detect account compromise and unusual login activity.
       

  • What data do you collect?

    • We only collect log and network traffic data, e.g. logon and logoff events, firewall alerts etc.
       

  • Where is the data you collect sent and stored?

    • The data we collect is encrypted and sent to our secure datacentre located in Guernsey in the Channel Islands.
       

  • My servers are hosted by my IT/hosting provider

    • That's not a problem; we will work with them to deploy the solution. It's best practice to have a third party review the security logs. In fact, many hosting providers only offer a basic security service that does not include managed detection and response.
       

  • We use solution XYZ; can you integrate with it?

    • Before implementation, we review all your existing solutions and can advise whether we natively support them. At a basic level, we can take logs from any device that supports Syslog.
       

  • What happens if you detect a threat?

    • Our SOC analysts review all alerts generated by our enterprise platform and escalate them to you. We offer auto-remediation as well as integration with third-party orchestration tools.
       

  • What is the length of the contract?

    • The minimum term is 12 months.
       

  • I am in country ABC; can you support me?

    • We support clients globally. We can onboard you as long as you can send log data to us.

Want to find out more?

© 2020 by WSD (West Sealand Digital Limited)