Managed Monitoring Services

Managed Detection & Response Service (MDR)

Managed SOC Service (MSOC)

Managed SIEM Service (MSIEM)

Managed Monitoring

The gathered cyber security information is passed up to the cloud and because it is stored in a single tenant (just your data) instance, it means we can share it with you and because we can share it with you, you get to decide on who takes responsibility for what.  The more responsibility you take, the cheaper the solution gets. We effectively have 3 options:

  • MDR      We Manage, Monitor and Respond.
  • MSOC    We Manage and Monitor.
  • MSIEM  We Manage.

Uniquely, the client is able to swap between these levels of service. This is especially useful where the client wants to build their own SOC and gradually take over the monitoring of security events, safe in the knowledge that our expert engineers are managing the backend and watching over everything.

Overview

Whilst we are often called upon to build an on premise SOC for our clients, many others are keen to outsource the monitoring to CND. We are so excited to be able to offer these managed monitoring services which can adapt according to our clients maturing cyber security capability. Our clients are absolutely loving it's unequalled flexibility.

At its core it is so much more than just a SIEM, we deploy our  sensor/collector within your network, this collects all the logs from your devices, monitors the network traffic (IDS), and scans everything inside your network for vulnerabilities which an attacker might exploit. Further sensors also monitor cloud services such as Office 365, G-Suite, and AWS. Furthermore, agents monitor your remote and home workers, provide Security Orchestration and Response (SOAR) and more besides. All 3 levels of service include the above features. The cost is based upon the amount of cloud storage you require and the level of service.

Managed Detection & Response Service (MDR)

MDR is our premier level of managed monitoring services, it is a managed extension to our Network Detection and Response (NDR) service, where our team of skilled SOC analysts, security engineers and incident responders, install technology into the heart of your network to monitor your business for cyber security events, alerting you to any suspicious activity 24 hours per day.

The service doesn't stop with an alert, our experts are on hand to respond and provide understandable advice on what has been detected and what that might mean to your business and how the threat might be countered. 

Whilst our proactive approach to your security should prevent you ever being breached, if it did happen we can provide incident response on site.

 

 

Managed Security Operations Centre (MSOC)

This is our Managed Security Operations Centre (MSOC) service. If you have the skills and experience to respond to any alarms yourselves, then our MSOC Service may prove to be more cost effective. Our Security Engineers manage the Security Information Event Manager (SIEM) and our SOC Analysts monitor the security events and you are notified of any alarms 24 hours a day. 

If you did still require our support with any of the generated alarms, then our Analysts and Incident Responders could be engaged on an adhoc basis to provide support remotely, on site, or a bit of both.

 

 

Managed Security Information Event Manager (MSIEM)

Our MSIEM service level is aimed at businesses who have a mature cyber security capability and want to outsource the management of the SIEM to our expert security engineers. The client is then responsible for monitoring and responding to the security events. 

CND have a great deal of experience in building and staffing on premise SOCs.

Rest assured that you won't be left with the onerous task of configuring and tuning the system during the first few months.  When first installed, a SIEM requires a great deal of expertise, experience and constant communication between the analysts and the engineers as it beds in. Therefore during the first months of deployment (dependant on size) the MDR service level is used to undertake the work required and provide skill transfer to the clients staff responsible for security. This period can be extended by the client, if they wish, until their staff are comfortable about taking control of the monitoring and response.

If you did still require our support with any of the generated alarms, then our Analysts and Incident Responders could be engaged on an adhoc basis to provide support remotely, on site, or a bit of both.

Multiple Security Solutions in One

Know what devices are within your environment, what Operating Systems, and what applications.

Correlate and analyse event data from across your environment.

Identify vulnerabilities within your internal network and externally accessed addresses and web applications.

Be alerted to suspicious network activity from an inbuilt network IDS and Netflow sensor and receiver.

Enable security analysts to perform full protocol analysis on network traffic.

Regular analysis of your event data against the latest threats, with advice on new attacker techniques and the most effective defences.

Detect if your user's credentials have been compromised in a 3rd party breach and trafficked on the dark web.
 
Establish a baseline and identify anomalous or suspicious behaviour in your environment.

Threat detection capabilities are enhanced by automatically collecting and providing Windows and Linux system information.

Find Out More

© Computer Network Defence Limited 2020
For The Latest Updates Please Subscribe to Our Feed
Or Follow Us on LinkedIn