Managed Services Overview
With 60+ staff working throughout our three UK-based Security Operations Centres (SOCs) – Luton (HQ), Sheffield and Edinburgh – we offer comprehensive Managed Security Services to our 30+ (and growing!) Managed Service customers.
As a self-sufficient Global MSSP, we have 35+ SIEM-certified experts in-house, with deep knowledge of other supporting security tools, working throughout our 7x24x365 SOCs.
Our next-generation SOCs uniquely utilise our co-developed Security Orchestration, Automation and Response (SOAR) platform, SOCAutomation – reducing the teams’ workload, and increasing coverage of all security infrastructure and business-critical assets.
Satisnet Managed Services – Key Differentiators
- Next-generation SOC services – proactive incident response and continuous self-learning
- Partnership service approach – essentially an extension of your security/IT team
- Co-managed – Satisnet team regularly on-site with customer
- Ramped – nurturing a customer’s team to aid development of their SOC
- Fully-managed – Satisnet proactively monitoring and actioning incidents
- Security Orchestration, Automation and Response (SOAR) – our co-developed SOAR solution, SOCAutomation (socautomation.com), enables security teams to keep pace with the ever-increasing cyber defence challenges. It automates people, infrastructure and tooling, with key use-cases being:
  - Data enrichment
  - Threat intelligence
  - Gap analysis/vulnerability management
  - Workflow/incident management
  - Ticketing integration
Proactive Service Innovations and Releases
- Real-time security awareness training with our in-house developed platform, Agilitii (agilitii.com) – incidents auto-generate quick cyber awareness lessons and auto-distribute to targeted users
- DNS Security – utilising Nominet’s Active Platform, as used by the National Cyber Security Centre (GCHQ)
- Social media and digital security – monitoring corporate social media platforms for brand and individual protection
- Machine learning – using advanced machine learning to detect cyber security issues and incidents at the earliest possible stage
- APT vulnerability scanning – utilising technology focused on the detection of attacker activity, revealing it in log files, attacker tools, anomalies, and many other check items
- ELK and SOCAutomation – SOC use-cases and threat hunting, essentially a cost-effective and highly-scalable approach for customers
- AWS and Azure cloud security and compliance – monitoring using an agile API-based approach
- Use-case modelling and advanced threat detection app
SIEM Managed Service
As one of the most, if not the most, business-critical tools in your security infrastructure, your SIEM provides the coverage needed to maintain a secure information environment. However, the fast-paced environment of the cyber security world means that this huge investment is often misconfigured and mismanaged – ‘just to get it in there’. Not only does this leave potential gaps in your security space, but the ROI of your investment can also be incredibly low – damaging to the organisation as a whole.
SIEM-agnostic, the Satisnet Managed SIEM Service provides the ultimate protection of your company data, assets and key infrastructure. Aligning with your business requirements, the SIEM Managed Service takes into consideration the following areas:
- Organisational requirements/awareness
- Business workflows and strategy
- BAU activities
- Existing tool specifications
- Resources, management and reporting
Not only does the SIEM Managed Service align with the requirements/workflows of your organisation, security automation and orchestration are also utilised. This maximises the potential of your SIEM investment, takes in all unfiltered alerts – leaving no stone unturned – and maps stakeholders per alarm based on business and security context.
SVM Managed Service
Vulnerability management is labour-intensive, and the associated Business as Usual (BAU) activity uses much of your security team’s resources and time. Scans take a long time and produce huge lists of vulnerabilities which are difficult to prioritise and triage across the organisation.
As one of Tenable’s most distinguished partners, the SVM Service is one of a kind, and is powered by any of Tenable.io, Tenable SecurityCenter (SC) or Tenable SecurityCenter Continuous View (SCCV). As a flagship partner, the SVM Service performs in these key areas:
- Vulnerability Incident Response (VIR)
- Continuous visibility to your on-premise and cloud environments
- Track and triage across infrastructure teams
- Tracking of progress across Run-Books and stakeholders
- Ticketing system integration
The SVM Service includes, to name a few:
- Automated scan-schedules – with the inclusion of ad-hoc scanning
- Run-Books creation and guidance for stakeholders
- Tailored to business requirements and processes
- Update sessions with MSP team
- Tenable platform updates and health monitoring
Not only does the SVM Managed Service take the increasing pressure of vulnerability management away from your team, it also maximises the utilisation of your investment – ultimately giving you a maximum ROI in this area. Along with a tailored service to suit your business needs, this