
The e2e Protective Monitoring and Security Operations Centre (SOC) Service is a complete cyber defence service suitable for all customers. It is available in three variations which align with your organisation’s threat posture and risk appetite.

The service can be scaled up or down as the threat landscape changes. It provides the managed security you need to successfully counter the cyber threat: threat monitoring, detection, prevention and incident response.

Top Level Features

  • Continuous Cyber Defence Protective Monitoring with alerts and incident response
  • Triage, analysis and response integrated into a comprehensive SOC operating model reducing time and improving effectiveness
  • Multiple delivery models including Private Cloud, Public Cloud, and Hybrid configurations
  • Protective monitoring can be provided for public cloud including Azure, Office365, AWS, UKCloud, Google etc.
  • SOC/virtual SOC/CERT functions 24/7 using SC Cleared UK staff working with data in UK Datacentres
  • Integrated Threat and Risk modelling with security Analysis and Reporting
  • Provides context and situational awareness to allow confident response decisions
  • Integrated dynamic asset management and network discovery
  • Log and event correlation and analysis, monitors mobile users and devices
  • Traffic Analysis, Deep Packet Inspections, IDS, Vulnerability Scanning, Blacklist monitoring
  • Privileged User monitoring, Collaboration and continuous service improvement
  • Consumes Threat Intelligence from open and commercial sources
  • Designed to provide user and customer level customisation
  • Services accommodate any OFFICIAL or OFFICIAL-SENSITIVE requirement
  • Distributed and Federated architecture, multi domain and multi classification
  • Incident Response, dedicated Cyber Case Management and generated Playbooks
  • Supports GPG-13 profiles, B (DETER), C (DETECT/RESIST), D (DEFEND)
  • Mobile and Remote workforce monitoring - Geo alerting, Location reputation checking, Identification of compromised home networks

Cumulo Dashboard


Benefits

The following is a summary of the benefits of our Service:

  • Reduced cost of security monitoring, increased security coverage
  • End-to-end business security confidence and essential security audit assurance
  • Single holistic view of risk and threat across the enterprise including private and public Clouds
  • Centralised integrated security knowledge repository with enhanced anomaly detection
  • Speed of delivery - get real value in just 2 weeks
  • Maximise extant IT and investment in security
  • Can be developed ‘onto, into and out of’ quickly and efficiently supporting the Government Digital Agenda
  • Triage and analysis services identify threats before they become incidents
  • Alerting, expert advice and evidence of potential and verified threats
  • Agile, adaptive Cloud-aware service secures your journey to the Cloud
  • Creates a common platform hiding the complexity of the underlying tools
  • Dynamically discover assets, learn what is connected to every system
  • Enhanced Mobile and BYOD user risk monitoring
  • Standards compliance for ISO27001:2013, Cyber Essentials Plus, PCI
  • Breaking security technology stove pipes to identify anomalies quicker
  • Flexibility and scalability up and down, short term options for busy periods or heightened threats
  • Scales on protected devices/assets/users and aligns closer to the business need rather than a technical straitjacket (log sources or EPS)
  • Allows you to create an agile ecosystem of technology, services and suppliers

Incident Overview


Feature Comparison


| Included Requirement/Feature | On Premise Log Management SIEM Tool* | Organisation Security Operations Resources | E2e-assure Protective Monitoring Service - Enhanced | E2e-assure Protective Monitoring Service - Premium |
|---|---|---|---|---|
| Log Collection, Storage and Reporting, Log Management | | n/a | | |
| Log Correlation | | n/a | | |
| Server Agents | | n/a | | |
| Privileged user monitoring | * | n/a | | |
| Traffic Analysis | * | n/a | | |
| Network Discovery | * | n/a | | |
| Asset Management | * | n/a | | |
| Threat Intelligence | * | n/a | | |
| Blacklist monitoring | * | n/a | | |
| DNS Monitoring | | n/a | | |
| Botnet Monitoring | | n/a | | |
| Internal Vulnerability Scanning | | n/a | | |
| External Vulnerability Scanning | | n/a | | |
| Business Service Prioritisation | | n/a | | |
| Threat and Risk Modelling | | Manual | | |
| End to end holistic enterprise view including cloud services | | Manual | | |
| HIDS | | n/a | | |
| Network Intrusion Detection System (IDS) | | n/a | | |
| Packet Capture | | n/a | | |
| Packet Inspection and Analysis | | Manual | | |
| Dynamic asset and Network Map | | n/a | | |
| Full situational awareness | | Manual | | |
| Geographic analysis of all attacks and traffic | | n/a | | |
| Identification of compromised home networks | | n/a | | |
| Location reputation checking | | n/a | | |
| Security Case Management | | Manual | | |
| Tailored Playbooks | | Manual | | |
| Alert analysis and triage, remediation recommendations | | Manual | | |
| Full Incident Response and Management | | Manual | | |
| Forensic Services | | Manual | | |
| Incident Response Planning | | Manual | | |
| Monthly review meeting | | n/a | | |
| GPG-13 | | n/a | | |
| No Training required | | n/a | | |
| Speed of delivery | 3 Months | n/a | 2 Weeks | 2 Weeks |
| Continuous service improvement | | n/a | | |

Our service is suitable to address any of the following business requirements:

  • Compliance and Audit (including PSN Connectivity requirements)
  • Maximising the benefit of existing security investments
  • Managing enterprise cyber risk and threat
  • Establishing an end to end security view of corporate and Cloud services
  • Being able to identify and manage security incidents effectively
  • Provide security monitoring on specific parts of the corporate network - e.g. gateways
  • Provide flexible and scalable security services, up and down, as needs change
  • Support real time asset management especially in the use of mobile and BYOD
  • Integrate and reuse existing tools to improve situational awareness
  • Establish an open secure platform that supports collaboration between corporate, supplier and third parties
  • Provide security capabilities that facilitate business change, rather than get in the way or delay business change
  • Reduce implementation and delivery risks through the use of proven, assured services

The Enhanced and Premium Services conform to the SANS Incident Response Maturity Model level three “Proactive Incident Response”

Three IR Maturity Models
SANS Proactive Incident Response

Mini Terms and Conditions:

We offer very friendly terms and conditions designed to make using us and leaving us very easy: we focus on providing expert, high quality, secure services so that you don’t want to leave us, not on tying you in to long term contracts.

  • Free trial available
  • 1 month minimum term
  • 1 month notice
  • Fixed on-boarding
  • Fixed off-boarding

Pricing

From only £10.00 per device per month. Contact us for prices or a free, no-obligation quotation.

