SOC as a Service

Rapid Telemetry & Response 24x7x365

Using Security Orchestration, Automation, and Response as part of our enterprise tool stack, and staffing our Security Operations Center (SOC) with Certified Security Experts around the clock – even on holidays and weekends, we are able to get the big picture of an attack quickly. Our SOC will ingest security information from across your systems. Then, automation and machine learning enables the rapid evaluation, correlation, and first-step triage for events.

With so much automated intelligence available to them, our experts are a step ahead out of the gate to get a jump on attackers. Rapid telemetry allows our team to take appropriate remediation steps very quickly because they are dealing with accurate, vetted, correlated data, rather than sifting through logs to find the information they need.

What types of security technologies can we manage with SOC as a Service?

IT and Infrastructure

• Active Directory
• AWS IAM Access Analyzer
• Axonius
• Azure Active Directory
• BMC Helix Remedyforce
• CA Service Desk Manager
• Cisco IronPort
• ConnectWise
• Docker Hub
• EasyVista
• Email
• EmailV2
• Exchange
• F5 BIG-IP Access Policy Manager
• File Operation
• Google BigQuery
• GSuite
• HTTP Rest API
• IBM BigFix
• Jira
• Marketo
• Micro Focus ITSMA
• Microsoft Teams
• MSSQL
• MySQL
• ObserveIT
• Office 365 CloudApp Security
• PostgreSQL
• Runners
• Salesforce
• SCCM
• SendGrid
• ServiceDesk PlusV3
• ServiceNow
• Site24x7
• Slack
• SolarWinds Orion
• SSH
• SysAid
• Telegram
• Twilio
• VSphere
• WMI
• Zabbix
• Zendesk
• Zoom

Management

• AirTable
• Asana
• Hibob
• Spell Checker

SIEM and Log Management

• AlienVault USM Anywhere
• Arcsight
• ArcsSight Logger
• FireEye Helix
• LogPoint
• LogRhythm
• Logzio
• McAfeeESM
• MongoDB
• Nozomi Networks
• QRadar
• Rapid7 InsightIDR
• Redis
• Splunk
• Stellar Cyber Starlight
• Sumologic

Threat Intelligence

• Anomali
• Anomali Staxx
• APIVoid
• BlueLiv
• Certly
• Check Point SandBlast
• CheckPoint Threat Reputation
• Cisco Threat Grid
• Cybersixgill DVE Feed
• DeepSight
• Flashpoint
• Google Chronicle
• Google Safe Browsing
• GreyNoise
• IntSights
• MalShare
• Malware Domain List
• McAfee TIE
• Microsoft Graph Security
• MISP
• Palo Alto AutoFocus
• PhishingInitiative
• RecordedFuture
• Siemplify ThreatFuse
• Sixgill
• Talos ThreatSource
• Threat Connect
• Threat Exchange
• ThreatCrowd
• ThreatQ
• TruSTAR
• UrlScanIo
• VirusTotal
• VirusTotalV3
• XForce

Forensics and Malware Analysis

• Any.Run
• Cisco AMP
• Cuckoo
• Falcon Sandbox
• Google Rapid Response (GRR)
• Intezer
• JoeSandbox
• Lastline
• Palo Alto Wildfire
• Reversinglabs A1000
• Symantec Content Analysis
• VMRay

Endpoint Security

• Armis
• Azure Security Center
• Carbon Black Defense
• Carbon Black Protection
• Carbon Black Response
• CrowdStrike Falcon
• Cybereason
• Cylance
• Cynet
• Endgame
• FireEye EX
• FireEye HX
• McAfee Active Response
• McAfee Mvision EDR V2
• McAfee Mvision ePO
• McAfee Mvision ePO V2
• McAfeeEPO
• Microsoft 365 Defender
• Microsoft Defender ATP
• Opswat Metadefender
• Palo Alto Cortex XDR
• ProofPoint TAP
• Qualys EDR
• RSA NetWitness EDR
• SentinelOne
• SentinelOne V2
• Sophos
• Symantec ATP
• Symantec Endpoint Protection 12
• Symantec Endpoint Protection 14
• Symantec Endpoint Security Complete Cloud
• Tanium
• Trend Micro Apex Central
• Trend Micro Deep Security
• VMware Carbon Black Endpoint Standard Live Response

Identity and Access Management

• AWS IAM Access Analyzer
• AWS Identity and Access Management (IAM)
• CyberArkVault
• F5 BIG-IP Access Policy Manager
• Okta
• Portnox

Cyber and Utility

• NucleonCyber (Cyber)
• Imgbb (Utility)
• Tools (Utility)

Network Security

• AWS WAF
• Check Point Firewall
• Cisco Firepower Management
• Cisco ISE
• CyberX
• Darktrace
• Exabeam Advanced Analytics
• F5 Big IQ
• FireEye CM
• FireEye NX
• FortiManager
• Fortigate
• iBoss
• Illusive Networks
• JuniperVSRX
• McAfee ATD
• McAfee Web Gateway
• McAfeeNSM
• Nozomi Networks
• Palo Alto Next Gen Firewall
• Palo Alto Panorama
• PerimeterX
• Protectwise
• RSA NetWitness
• RSA NetWitness Platform
• SonicWall-Beta
• Stellar Cyber Starlight
• Vectra
• Zscaler

Email Security

• Cofense Triage
• FireEye ETP
• IronScales
• PhishTank
• Proofpoint Email Protection

Threat Intelligence

• Cybersixgill Darkfeed

Threat Actors

• Flashpoint

Google Applications

• Google Calendar
• Google Docs
• Google Drive
• Google Sheets

Mass-Internet Scanning

• GreyNoise

Cloud Security Testing

• Amazon Macie
• AWS – EC2
• AWS Cloud Trail
• AWS CloudWatch
• AWS Elastic Compute Cloud (EC2)
• AWS GuardDuty
• AWS S3
• AWS Security Hub
• AWS WAF
• Check Point CloudGuard
• Elastica Cloud SOC
• Google Chronicle
• Google Cloud Compute
• Google Cloud Storage
• Microsoft 365 Defender
• Microsoft Azure Sentinel
• MobileIron
• Netskope
• Office 365 Management API
• PerimeterX
• Stealthwatch
• Stealthwatch V6.10
• Trend Mirco Cloud App Security

Vulnerability and Risk Management

• NessusScanner
• QualysVM
• Rapid7 InsightVm
• RSA Archer
• SSL Labs
• Tenable Security Center

Vulnerability and Risk Assessment

• beSECURE

Data Enrichment

• Alexa
• AlienVault USM Appliance
• Area1
• BlueLiv
• BulkWhols
• Check Point SandBlast
• Cisco Orbital
• CiscoUmbrella
• CountryFlags
• DomainTools
• DShield
• Elastic Search
• ElasticSearchv7
• FullContact
• Google Chronicle
• HavelBeenPwned
• IPInfo
• MITRE ATT&CK
• MX ToolBox
• PassiveTotal
• Pulsedive
• Reversinglabs Titanium
• ScreenshotMachine
• Shodan
• Siemplify ThreatFuse
• SolarWinds Orion
• Symantec ICDX
• Tor
• UnshortenMe
• URLVoid
• Vectra
• WHOIS XML API