Satisnet Ltd, Basepoint Innovation Centre, 110 Butterfield Great Marlings, Luton, Bedfordshire, LU2 8DL enquiry@satisnet.co.uk
+44 (0) 1582 434320

Managed Services

The Satisnet SOC

What it Gives You

Security monitoring and incident response need to deliver a return on investment (ROI) to an organisation. The Satisnet SOC service achieves this by making sense of the millions of IT events that flood a company’s infrastructure, delivering tangible results and Key Performance Indicators.

Key Performance Indicators

  • Automation Utilisation
  • Average Ticket Duration
  • Incident Types
  • Incidents by Severity
  • Incident Progress by Involvement
  • Incidents Managed by
  • SLA Posture
  • Escalation Status
  • Time Distribution
  • Incidents by Run-Book

Other Reports and KPIs

  • How long did it take to investigate and remediate incidents?
  • How effective are the security solutions that you have in place?
  • Are your resources allocated appropriately?
  • Do you have the right number of people reacting to issues?
  • Which parts of the organisation?
  • Time distribution
  • Time of day
  • How many incidents are you tracking?

Events per Second

SIEMs are typically rated by their Events per Second (EPS) throughput capability, and they process millions of events daily. These raw events are generated by all devices on the network and fed into the SIEM.

There are many ways to condense events. An aggregation process takes multiple events that are the same and totals them up to create a single incident. Rules and correlation take events that mean almost nothing on their own and join them together into something that is worth investigating.

Incident Processing and Automation

The volumes of incidents that modern-day SIEMs and SOCs generate are huge and cannot feasibly be processed and actioned by a human team. Automation and machine learning also need to be utilised.

Automation is utilised throughout the Satisnet SOC to: map assets and their stakeholders, open incident Run-Books based on alert/incident triggers, collect additional business and technical context to enable better decision making, reduce false positives, and ensure that analysts and customer infrastructure teams work on real incidents as opposed to false alarms.

Automation is also utilised to orchestrate security and infrastructure point solutions to assist in remediation and pull together platform teams and processes, while interfacing with ticketing systems.

1. Event Collection

Thousands of events are generated by security and infrastructure devices on the network.

2. Event Correlation

Events are aggregated and correlated by the SIEM, producing a huge number of security incidents, but they lack business context and security intelligence.

3. Use Case Modelling

Satisnet has developed a state-of-the-art application of SIEM SOC Use Cases that customers can use to map their security goals and understand what infrastructure is needed to achieve this.

4. Incident Processing

SOCAutomation uses machine learning to apply additional business and technical context, reducing the generated alerts into high priority, actionable incidents. It then enables the incidents to be triaged and actioned further using automation across point security tools and infrastructure, while interfacing to ticketing/workflow systems, to ensure a cohesive security fabric involving people and tools.

Satisnet Vulnerability Management Service (SVMS)

Satisnet Vulnerability Management Service, powered by Tenable Network Security, performs highly accurate internal and external scan audits across network devices, servers, web applications, databases, and other assets in on-premise and cloud environments.
The scanning technology is fully managed and maintained by our dedicated vulnerability management team, eliminating administration and maintenance burdens so you can better focus on protecting your assets and reducing business risk.

Key Benefits of SVMS

  • Continuous ‘always on’ scanning using Tenable’s passive scanner(s)
  • Identify exploitable vulnerabilities with the largest knowledgebase of vulnerability checks in the industry
  • Dedicated team of experts: Virtually eliminate false positives with expert operational support
  • Satisfy regulatory compliance requirements
  • Track remediation workflow across the infrastructure
  • Automation with other security tooling
  • Correlation with threat intelligence and other alerting systems
  • Integration with existing ticketing systems

Satisnet's EU GDPR SOC

GDPRsoc orchestrates and automates EU GDPR, enabling your people, data, security technologies, and processes to work as a cohesive compliance and security fabric to deliver fast and scalable EU GDPR protection. Most importantly, it delivers key performance indicators (KPIs) back to the business, customers, and data protection regulatory bodies.

Secure Locations

The Satisnet SOC is located in and managed from fully secured environments. Door access systems, CCTV, and remote locations offer the maximum security available for storing and managing sensitive data. The Satisnet SOC has UK locations in Luton, Hitchin and Edinburgh, as well as a location in Hyderabad, India.
