We’re threat intelligence experts
Lean on our cyber security analysts to help reduce the risk of cyber threats to your business, all while meeting your regulatory and compliance requirements. We’ll also reassure your customers and end users by minimising the chance of lost or compromised data.
There are no short-cuts. Intrusion prevention systems that merely act as an alarm are becoming less and less utilised on their own. We now understand that the key to a strong security posture is the right balance of people, process and technology. That’s why our security services combine e2e-assure’s independent cyber security know-how and threat hunting experience with our clearly defined managed service and deep infrastructure expertise.
For more than twenty years we’ve been designing and managing secure infrastructure for government agencies, the military, and international telco and payment providers. The partnership we’ve forged with e2e-assure is watertight and deeply integrates our people and systems to deliver a single, proactive operation. Our SOC team matches exceptional security monitoring and incident response with unparalleled real-time analysis of your security operations.
Security is built into everything we do.
The right SOC for you
We have three different SOC options for you to choose from, made for different budgets and varying needs.
Essential Security Operations Centre
With our entry level multitenant SOC you can onboard as many devices as you like. Our government security cleared analysts can defend and protect your business 24/7.
24/7 monitoring and threat hunting
Enhanced Security Operations Centre
With our Enhanced SOC you’ll have all the functionality of our Essential SOC along with longer log retention, threat hunting, and access to our customer portal included (for full visibility of all security operations). Designed to do the heavy lifting so you can get on with running your business – our Enhanced SOC will guide you through the complex world of cyber security.
Robust cloud security
Enterprise Security Operations Centre
There’s nothing held back – everything we offer with Essential and Enhanced Security Operations Centre, you’ll get here. Plus, we’ll run tailored threat workshops for your teams, along with discovery exercises for a full business overview. And we offer a full range of deployment options.
Download our SOC factsheet to compare features
Under the hood of our Security Operations Centre
Technology alone isn’t enough though. It can’t tell you whether a threat is a false alarm (a false positive). And it can’t take action.
With our SOC, expert security analysts and operatives will monitor your systems for anomalous behaviour, alerting you when a potential threat appears, and work alongside you to respond. Gone are the days of noisy software acting as a mere alarm system. Our SOC team will alert, respond and help you resolve.
Unpacking how security monitoring works
As we gather logs and alerts, our technology spots patterns. Any anomalies in the patterns or user behaviours means they get investigated by our specialist security teams. Any inkling of something suspicious, it’s then passed to our analysts. They use all the tools at their disposal including external vulnerability assessments, security intelligence, workflows, and playbooks to triage the threat. If there’s a genuine sign of a compromise or attack, it’s escalated to our response team – they’ll quickly be in touch with recommendations for you.
We’ll still share reports of false positives with you. It simply means we’ll have saved you time-sapping-energy analysing them yourself. You’ll know we’ve done the hard yards and that there’s nothing to worry about.
We use security rules to examine all the system data we gather and translate it into security alerts. Anything that’s flagged as an alert gets thoroughly investigated by our analysts as standard. What data we look at is up to you. We’ll gather data from the devices and systems you choose. Based on that we’ll either us an ‘out of the box’ set of security rules, or ones that are specific to your business – which option we take depends on the SOC service you opt for.
Unpacking how an ‘out of the box’ security rule works
Our service is built around the MITRE ATT&CK framework, this is aligned to the tactics and techniques attackers are known to use. We’ve fine-tuned our suite of standard security rules over many years of frontline experience. And we continually improve the service by adding any new rules as we identify emerging security incidents.
External vulnerability scanning
Our cloud service scans your public IP addresses or URLs over the internet. External vulnerability scanning is aimed at profiling and monitoring the external exposure of your business for obvious flaws, misconfigurations, and vulnerabilities.
Unpacking how external vulnerability scanning works
By scanning for external vulnerabilities, we can tell if you’ve already been compromised, your business is vulnerable, or already infected. Your reputation could be saved by discovering something as simple as an SSL certificate that’s about to expire, detecting you’re using a poor cipher, or an exposed open relay email server. These are all quick and easy fixes that could prevent a security breach.
Depending on the service you choose, we’ll give you weekly external vulnerability scanning for up to 16 IPs or URLs.
We use our human expertise in the SOC team to build a clear picture of any anomalies our technology picks up. Our years of threat intelligence and threat management allows our team of analysts to review the possible impact of a threat, and importantly give you an action plan for your critical business functions.
Unpacking how threat intelligence works
Our platform gathers data from several sources including:
- Open source and commercial intelligence
- External IP address and domain name
- Deep and dark web
- Threat briefs
- Threat intelligence signatures
We automatically analyse the intelligence in real-time, and run it against logs within your environments.
Threat hunting is performed routinely by our most expert analysts. But we can also perform threat hunting on demand. For example, you might want us to conduct threat hunting after we’ve uncovered some threat intelligence that’s relevant to your environment or industry.
With our Enhanced and Enterprise SOC options you’ll have access to your own SIEM security portal. This is the platform our analysts use, so you’ll be able to see everything we do to protect your business. With your own log in, your in-house team can conduct their own threat hunting if they want to. And we’ll provide support and training to further enable and educate your internal team.
Unpacking how threat hunting works
We’ve hand-picked our most experienced analysts to hunt threats. They’ll look through your logs and data for any indications of potential security threats, or compromise. If or when they discover something they can:
- fine tune your system
- update signatures
- update rules and existing tickets
- make any service improvements you need
Endpoint detection and response (EDR)
This is fundamental to protect you from malware and ransomware. We’ll install EDR on all your endpoints, including your servers. We integrate with Microsoft Defender for Endpoints and Sentinel One to enhance the standard Microsoft use cases. Our security team will add extra detection rules to identify anomalous behaviour and other indicators of attack. This means we can potentially stop a threat in its tracks before it’s had a chance to do any damage.
Unpacking how EDR works
We’ll constantly monitor your EDR, and use expert knowledge and processes to investigate security information, alerts and threat data. When our analysts decide an alert is suspicious, without hesitation they’ll immediately investigate further. Whatever they find, we’ll make sure your chosen resolver group is given all the information about it, along with actions to resolve the threat.
And, as part of our service, we’ll also make best practise recommendations for your Microsoft Defender endpoint toolset.
The type of challenges we can help you with
You’re not sure where to start, and need to figure out your challenges and security issues before you fork out money.
Our experts will spend time understanding your business objectives, so you can make an informed decision about what level of service you need to protect your sensitive data.
You’ve been caught out before and don’t have the skills you need in-house
Our SOC team helps you navigate the hurdles normally linked with recruiting and training your own teams.
You know you need to be more secure but you’re worried about the costs involved
Our security solutions build on your existing investment, so nothing’s wasted. We’ll work with your in-house teams to develop a solution that’s best for you, no matter what you have in place now.
You’re paying out for a security tool but don’t know what it’s doing or how to manage it
Security tools are only as good as those configuring and managing them. Our expertise means you know we’re managing your security operations day-to-day.
You need to be insured and compliant
We’ll give your infrastructure a clean bill of health. And our on-going protective monitoring supports cyber insurance, potentially cutting the cost of your premiums.
How we help with security incidents
In alignment with the widely recognised NIST framework, our approach is split into “incident” and “response”. We’ll detect and analyse threats identified and classified as incidents. For all levels of SOC, we’ll recommend actions you should take to contain these threats through established playbooks.
For Enhanced and Enterprise customers, our initial detection is followed by an investigation that includes full incident response and recovery from active threats. We’ll work to eradicate issues, recover data if required, and provide post incident reviews to make sure there isn’t another occurrence.
They trust us, and they tell the best stories
Follow in the footsteps of the global brands we work with – they’ve tried and tested our cloud hosting platform. Here are what a select few had to say about us