SOC-as-a-Service
Security operations center as a service (SOCaaS) is a cloud-based subscription model for managed threat detection and response that includes best-in-class SOC solutions and capabilities to help fill in gaps on existing security teams.
Service Overview
SOC-as-a-service Scope Coverage
- Cyber Security Monitoring
- Incident and Alert Analysis
- Incident Handling and Responses
- Unlimited Phone and Email Support
- Monthly Managed Security & Monitoring Services Report
- Consultation and Advisory on Attack Mitigation / Risk Management
- Integrated Global Threat Intelligence
SOC-as-a-service Includes
- Dedicated SOC components for each tenant (SIEM and log collector)
- Onboarding installation and configuration
- Logs and event fine-tuning
- 1 year log retention (customizable)
Service Level Agreement (SLA)
Severity Level | Definition | Response Time | Response Method |
---|---|---|---|
1 (High) | | Within 30 minutes | Phone and Email |
2 (Medium) | | Within 60 minutes | |
3 (Low) | | Within 24 hours | |
Note:
1. Asset discovery and classification will be conducted during the onboarding process.
SOC-as-a-service Reporting
Frequency | Report |
---|---|
Monthly | Monthly SIEM & Service Monitoring Report: monthly summary of the previous month's top talker statistics, top endpoint detection summary, top malware detection summary, top infection by user / category / action, device status monitoring, threat intelligence and vulnerability alerts summary, configuration audit, number of devices monitored, list of tickets (open, pending, closed), SLA trackers, incident responses, historical trend analysis, escalations, incident summaries, and fine-tuning recommendations. |
As and when a security incident is declared and responded to | Security Incident Report: this report details all information regarding any security incident that has occurred, including root cause analysis, attack vector, type of attacks, malware involved, machines affected, forensic activities, evidence, remediation advisories, action taken, preventive actions, and summary. |
SOC-as-a-service Plan
Features | SOC BASIC | SOC PRO |
---|---|---|
Service Coverage | 8 x 5 | 24 x 7 |
Log Retention | Customizable | Customizable |
Threat Intel Lookup | Yes | Yes |
Automated Blocklist | Yes | Yes |
Reporting | Daily, Weekly, Monthly, Incident Report | Daily, Weekly, Monthly, Incident Report |
SIEM Audit Trail | No | No |
PCI-DSS Compliance | Comply Fully | Comply Fully |
RMIT Compliance | Comply Fully | Comply Fully |
Tiering Discount | Yes | Yes |
Charging Model | | |
T&C and Assumptions
- SOC-as-a-service scope is covered with an 8x5 or 24x7 SLA.
- The customer tiering option is based on the assumption that each tenant has a maximum of 30 devices (firewalls, servers, databases, etc.) to monitor.
- An allowance of 10% additional devices is provided without charge (on a per-tenant basis).
- For each additional device exceeding the allowance, additional charges are calculated using "per-device pricing".
- Offline storage (if logs need to be kept for more than 1 year) is to be handled by the customer, using either external storage (e.g. NAS) or VM image backup software.
- SOC-as-a-service (SIEM and Log Collector) components will be hosted within the Customer's infrastructure. Server resources and connectivity are to be facilitated by the Customer.
Key Takeaways
- With the rise of cyber threats, it's important to protect sensitive data and systems by implementing data segmentation / isolation.
- We use NextGen-SIEM, the latest technology supporting both structured and unstructured data, coupled with our SOC technical know-how, procedures and security best practices (Technology, People & Procedure) to keep our customers secure.
- We enforce 100% IP address lookup against Cyber Threat Intelligence (CTI) via our purpose-built correlation detection logic, without missing any potential threat indicators (IOCs).
- Our in-house developed Blocklist Generator Engine (BGE) enables cyberthreat indicator blocking in real time, without delay or dependence on manual human actions.
- We believe building strong relationships with our customers is key to retaining them over the long term. We offer prompt, responsive, and friendly customer service to ensure customers always feel supported and valued.