ArmaProtect: Security Operations Centre


ArmaProtect: SOC

A SOC solves one of the key weaknesses that many businesses endure every day: running and maintaining an expert-level Security Operations Centre (SOC) service and team.

Businesses face several challenges when considering a SOC, including:

  • High setup costs – Significant investments are needed in hardware, processes, and tooling that may not fully pay back for several years.
  • Skills Shortage – With a projection of around 3.5m unfilled jobs by 2021 because of the cyber labour crunch, it is difficult to find, hire, train, and retain qualified personnel.
  • Rapid Market Evolution – A lack of expertise makes it hard to keep ahead of complex threats and new technologies and to stay relevant in a fast-changing market.
  • Constant Monitoring – Ensuring consistent monitoring around the clock can be challenging. Your attackers will not respect business hours, so how can you stay vigilant continuously?
  • Overwhelming Workload – The workload can be overwhelming, especially during startup and growth. Filtering through the noise, alerts, false positives and deciphering the important topics can be immensely difficult.
  • Regulatory Burden – Depending on the industry, compliance with various standards can be an expensive but necessary undertaking.

ArmaProtect: SOC is a complete reactive and proactive managed security service for a next-generation security solution.

It provides your business with benefits such as:

  • Improved security posture and faster incident response
  • Reduced IT security operations costs and skills overheads
  • Predictable Operating Expenditure (OPEX)
  • Enhanced security and compliance with expert validation of the cyber infrastructure function
  • Extended value and greater ROI of deployed cyber solutions
  • Greater freedom to focus finite resources on strategic IT initiatives

How does it work?

  • Comprehensive SOC portal for live status and reporting tickets
  • You can choose the contract terms: 1, 2, or 3 years.
  • Email/phone/portal enquiries answered by accredited and experienced engineers

What’s Included?

ArmaProtect: SOC combines a comprehensive SOC-based monitoring and alerting service with managed capabilities for dynamic network environments, including proactive software upgrades and policy management – all driven by our security automation and orchestration platform, which incorporates:

  • Service management reporting
  • Security improvement advisories

The standard service operates to a 4-hour response time and 8-hour resolve time, and currently supports the following vendor solutions:

  • Palo Alto Networks (NGFW, TRAPS, CORTEX-XDR, Redlock)
  • Fortinet (NGFW)

Services offered

Security Operations Centre

  • Permanently staffed, 24 hours a day / 7 days a week
  • SOC portal for live status and reporting tickets
  • Enquiries answered by accredited and experienced engineers
  • SOC 2 Type 2, ISO 27001 and ISO 9001 certified
  • Web scale security automation and orchestration platform
  • High levels of resilience and redundancy

Monitoring and Alerting

  • Threat Event Enrichment, Analysis and Correlation
  • Incident Monitoring, Alerting and RCA
  • Remote Breach Support
  • Security Dashboard
  • Compliance Reporting
  • AI-based threat hunting
  • Post-breach investigation
  • Service management reporting
  • Security improvement advisories

Prevention and Countermeasures

  • Availability Monitoring and Backup
  • Operational and Capacity Management
  • Updates and Upgrades
  • Policy Compliance and Best Practice Validation
  • Device and Policy Configuration
  • Change Management
  • Automated Rules of Engagement
  • Policy Topology Reporting
  • Behaviour Baselining