Saving your Sanity

XCELIT manages the Technology, Team, Training and Threats

So you can be focused on your business

 

 

Saving your Time

Your most valuable asset

Running a Security Operations Centre (SOC) and responding to threats consumes time, lots of it, from management to training, to the hundred little things needed daily.

XCELIT augments your team, saving your team’s time

Saving your Money

Setting up a 24/7/365 SOC Security Operations Centre is no small task

Requiring a minimum of 6 staff, leading technology that continually needs upgrading, equipment, training and the hundred little things. Setting up a SOC Security Operations Centre adds a burden even to the largest budgets.

Starting at less than the cost of a single Security Analyst, XCELIT’s SOC Security Operations Centre solution saves you Money, lots of Money.

XCELIT's SOC Security Operations Centre Solution:

  • Provides integrated enterprise threat management

  • Costs much less than any equivalent internal solution would

  • Provides round the clock Managed Detection and Response

  • Saves you time with a Full Response Service

  • Provides access to experienced and skilled staff

  • Reduces dwell time for breaches, mitigating risk

  • Is scalable to meet your needs as you grow

  • Augments seamlessly with your team and business

Key Features of XCELIT's SOC Security Operations Centre Solution are:

  • Continuous monitoring & alerting on unlimited assets

  • On-premise, cloud and hybrid coverage

  • Asset visibility

  • Event logging & correlation

  • Intrusion detection

  • Threat assessment

  • System & user activity monitoring

  • Endpoint detection & response

  • Incident response

  • Customized reporting – executive technical, service & compliance

  • Advanced threat intelligence

  • Integration with other security products

  • Orchestration & automation of playbooks

  • Proactive alarm monitoring

  • Alarm validation, review, and escalation

  • Incident investigation

  • Full response, guidance and recommendations

  • Implementing changes in response to identified threats

  • Identifying vulnerabilities, configuration errors, and other cyber risks to your business

  • Orchestration with other security products to provide integrated response (Standard and Premium Plan)

  • Over 300 useful business app security integrations

XCELIT’s SOC Security Operations Centre packages are fully detailed below.

If you have additional or different needs, talk to us and we will tailor a solution to fit.

XCELIT’s SOC Security Operations Centre Plans:

ESSENTIALS

Designed for small to medium sized organisations looking for an affordable Cyber Security Solution

STANDARD

Includes an efficiency gain through security orchestration, automation, and deeper security analysis

PREMIUM

Ideal for organisations that want to meet specific PCI DSS audit requirements

Hot Storage (Real Time Event Search)

ESSENTIALS: 15 Days

STANDARD: 30 Days

PREMIUM: 90 Days

Any event log collected by XCELIT’s Security Operations Centre (SOC) is stored within compliant-ready and secure hot storage for the specified period of time (15, 30 or 90 days). Log storage follows a write once, read many (WORM) approach as standard, which prevents log data from being modified or otherwise tampered with. Hot storage allows for faster viewing of event history in the case of forensics.

Cold Storage (AWS)

ESSENTIALS: Indefinite Days

STANDARD: Indefinite Days

PREMIUM: Indefinite Days

Any event log collected by XCELIT’s SOC Security Operations Centre Service is stored within compliant-ready and secure cold storage (AWS). Data is kept indefinitely in cold storage for as long as invoices continue to be paid, with download capability also available. Log storage follows a write once, read many (WORM) approach as standard, which prevents log data from being modified or otherwise tampered with.

Raw logs are available at any time, for example in the case of forensics such as investigating a fraud incident within an organisation which may require log events to be investigated several years into the past.

SOC Monitoring

ESSENTIALS: 12x5 (Mon-Fri)

STANDARD: 24x7

PREMIUM: 24x7

XCELIT’s Security Operations Centres (SOCs) monitor and analyse activity across the entire network, including on-premise, off-premise cloud, endpoints and over 300 common applications, looking for anomalous activity that could be indicative of a security incident or compromise.

With XCELIT the effort doesn’t end with systems. XCELIT’s Security Operations Centre (SOC) leverages people, processes, and technology to continuously monitor and improve your organization’s security posture while preventing, detecting, analysing, and responding to cybersecurity incidents as per your Incident Response Plan (IRP).

XCELIT’s Security Operations Centre (SOC) is the core of XCELIT’s peace of mind Cyber Security.

Asset Discovery & Inventory

ESSENTIALS

STANDARD

PREMIUM

XCELIT Security Operations Centres SOC will use tools to discover and inventory all the assets (servers, desktops, laptops, connected mobiles, virtual machines, containers, firewalls, switches, and printers, etc) in your network and correlate asset information with threat and vulnerability data.

Vulnerability Scanning

ESSENTIALS

STANDARD

PREMIUM

The dynamic nature of today’s cloud, on-premises, and hybrid network environments requires continuous network vulnerability scanning to defend against the evolving threat landscape. Constant application updates and changes to application and system configurations can introduce vulnerabilities and leave you susceptible to an attack, even if you are keeping your security controls up to date.

XCELIT’s Security Operations Centre (SOC) vulnerability scanning identifies and creates an inventory of all the systems (servers, desktops, laptops, connected mobiles, virtual machines, containers, firewalls, switches, and printers etc) connected to a network. For each device that it identifies it also attempts to identify the operating system it runs and the software installed on it, along with other attributes such as open ports and user accounts.

After building up an inventory, the vulnerability scanner checks each item in the inventory against known vulnerabilities to see if any items are subject to any of these vulnerabilities.

Vulnerability Assessments

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s Security Operations Centre (SOC) performs vulnerability assessments to define, identify, classify and prioritise vulnerabilities across your entire network so that the most critical vulnerabilities (those that a Hacker may exploit) can be taken care of with priority.

XCELIT’s Security Operations Centre (SOC) performs vulnerability assessments on an ongoing basis and responds as per the Incident Response Plan (IRP) in place with our clients.

Intrusion Detection

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s Security Operations Centre (SOC) employs intrusion detection software as part of XCELIT’s service offering. XCELIT’s solution includes built-in host intrusion detection (HIDS), network intrusion detection (NIDS), as well as cloud intrusion detection (CIDS) for public cloud environments including Google Cloud, AWS and Microsoft Azure, enabling you to detect threats as they emerge in your critical cloud and on-premises infrastructure.

SIEM Event Correlations

ESSENTIALS

STANDARD

PREMIUM

Security Information and Event Management (SIEM) is where software products and services combine security information management and security event management, providing real-time analysis of security alerts generated by applications and network hardware.

XCELIT’s Security Operations Centre (SOC) employs SIEM Event Correlations. SIEM event correlations are an essential part of any SIEM solution. SIEM event correlation aggregates and analyses log data from across your network applications, systems, and devices, making it possible to discover security threats and malicious patterns of behaviours that otherwise go unnoticed and can lead to compromise or data loss.

Generated data for SIEM event correlations can be overwhelming. XCELIT’s systems take available information and filter out noise to generate actionable intelligence related to which events could cause a security breach, allowing targeted response.

Incident Response

ESSENTIALS

STANDARD

PREMIUM

XCELIT, with our clients, develops a Full Incident Response Plan which is followed by our Security Operations Centre (SOC), providing you with confidence that a level of response is regularly employed on your behalf.

Incident Response is best driven by an incident response plan. If you do not yet have an Incident Response Plan, a XCELIT representative can assist with developing one with or for you. If you already have an Incident Response Plan, XCELIT’s Security Operations Centre (SOC) can augment into your existing plan.

Endpoint Detection & Response

ESSENTIALS

STANDARD

PREMIUM

Endpoint detection and response (EDR), also known as endpoint threat detection and response (ETDR), is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities.

Endpoints include not only desktops and servers, but laptops, tablets, smartphones and internet of things (IoT) devices.

Increasingly, endpoints represent one of the top areas of security risk for organizations and, as a result, EDR is becoming increasingly important. Cyber criminals are increasingly designing their attacks to evade traditional endpoint prevention and protection tools. In response, XCELIT’s Security Operations Centre (SOC), as part of our services, seeks evidence of attacks that might not trigger traditional prevention rules.

While many security teams recognize the need for advanced threat detection for endpoints, most do not have the resources to manage a standalone EDR solution.

Endpoint detection and response solutions, such as that employed by XCELIT Security Operations Centre (SOC), record system activities and events taking place on endpoints and provide XCELIT’s Security Operations Centre (SOC) team with the advanced analytics they need to uncover incidents that would otherwise remain invisible. This is commonly also known as detecting and investigating suspicious activities on hosts and endpoints.

XCELIT’s Security Operations Centre (SOC) platform centralizes and automates threat hunting on endpoints across your cloud and on-premises environments, so we can detect and respond to threats wherever they unfold.

The ability to unify data from both cloud and on-premises endpoints, which allows XCELIT Security Operations Centre (SOC) to obtain a holistic view rather than a siloed view from different systems, represents one of the main advantages of XCELIT’s Endpoint Detection and Response solution.

Log Management

ESSENTIALS

STANDARD

PREMIUM

Raw logs are an invaluable asset for forensic analysis and compliance mandates. If needed XCELIT’s Security Operations Centre (SOC) can review logs to find details about specific incidents, search the logs for instances using a specific IP address, or analyse the patterns of multiple attacks. Raw logs are maintained for a period of 12 months with extensions available if requested as part of your Master Services Agreement (MSA).

Compliance Management

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s service combines the essential security technologies needed to demonstrate compliance against today’s most challenging regulatory standards such as PCI, HIPAA, ISO 27001 and NIST CSF, or to meet compliance to any internal IT system requirements.

Let XCELIT know what you need and XCELIT will provide you with our best available standardised reporting, or generate custom reports at an additional service fee if not readily available.

Email Alerts

ESSENTIALS

STANDARD

PREMIUM

For certain important events, you may want a notification to be sent to you or your team to inform them immediately. XCELIT Security Operations Centre (SOC) will set these up for you. If you do not have any specific requirements, XCELIT will recommend some and you may opt in if you choose.

File Integrity Monitoring

ESSENTIALS

STANDARD

PREMIUM

File Integrity Monitoring (FIM) refers to an IT security process and technology that tests and checks operating system (OS), database, and application software files to determine whether or not they have been tampered with or corrupted.

The process employed by XCELIT’s Security Operations Centre (SOC) is called syscheck. The syscheck process scans the host at user-defined intervals and stores checksums of watched files. A checksum is a small-sized datum derived from a block of digital data for the purpose of detecting errors that may have been introduced during its transmission or storage. The system then generates an event when a checksum changes.

XCELIT’s Security Operations Centre (SOC) system can also configure Windows systems so that host-based intrusion detection system (HIDS) agents forward object access audit events to the Security Operations Centre (SOC).

Audit events provide more information regarding the operations affecting file and folder objects, such as who performed specific actions or operations on an object.

System & User Behaviour Monitoring

ESSENTIALS

STANDARD

PREMIUM

User behaviour monitoring is a new approach to insider threat prevention and detection. XCELIT’s system determines what is normal use and then monitors for abnormal use.

Implementing user behaviour monitoring is obligatory to comply with a lot of industry standards (e.g. NIST, HIPAA, PCI DSS, etc.).

Context is critical when evaluating system and network behaviour. For example, an abundance of Skype traffic in the network used by your inside sales team is probably a normal part of operations. However, if the database server that houses your customer list suddenly shows a burst of Skype traffic something is likely wrong.

Therefore, as soon as your XCELIT Security Operations Centre (SOC) solution is implemented, behavioural monitoring functionality starts gathering data to help you understand normal system and network activity. XCELIT’s Security Operations Centre (SOC) solution provides network behavioural analysis with service availability monitoring to create a full picture of system, service, and network anomalies.

Monthly Reporting & Dashboard View

ESSENTIALS

STANDARD

PREMIUM

XCELIT can manage your reporting and dashboard needs.

Dashboards – Your internal IT team or curious nominated staff can access dashboards.

Reporting – XCELIT’s reports are designed so they are easy to understand, not just for IT professionals.

Reports can be delivered to you monthly, including PCI, NIST CSF, HIPAA, and ISO 27001 compliance reports, alarm reports, asset reports and create event reports.

SOC Security Operations Centre - SIEM Alarms

SOC Security Operations Centre - Asset Discovery

Integrating Ticketing & Alerting

ESSENTIALS

STANDARD

PREMIUM

XCELIT SOC can integrate with ServiceNow, Jira, Slack and Datadog, with Jira being the most common ticketing and alerting system.

Orchestration with Security Tools

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s Security Operations Centre (SOC) systems allow for orchestration and automation of threat detection and response across an ever-growing ecosystem of third-party security tools and IT applications, including Palo Alto Networks, Cisco Umbrella, Carbon Black, and many other Apps.

Automated Incident Response & Forensics

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s Security Operations Centre (SOC) employs Automated Incident Response & Forensics with the intention of saving you money and reducing the cost of Cyber Security.

Automation expedites typical responses and repetitive tasks so little to no human intervention is required to detect and respond to security threats and incidents.

Digital forensics helps IT professionals (SOC Engineers and SOC Analysts) identify instances of cybercrime like malware and hacking.

By automating incident response, XCELIT’s Security Operations Centre (SOC) team can improve performance and save time, essentially giving you more for less, saving you money.

An example of automation is whereby as soon as ransomware is detected and an alarm is raised your system automatically responds by isolating the infected machines, allowing for a controlled response, rather than a mad dash to your servers or systems and frantically unplugging infrastructure.

With the right automated incident response, XCELIT and your IT security team combined can stay in control of their incident response (IR) activities and respond to threats and intrusions swiftly and effectively, with less manual work—no wire-ripping required.

Dark Web Monitoring

ESSENTIALS

STANDARD

PREMIUM

Dark Web Monitoring employed by XCELIT’s Security Operations Centre (SOC) leverages SpyCloud technology to monitor the dark web to discover if your users’ credentials, such as email addresses, usernames, and passwords, have been stolen.

If detected, XCELIT Security Operations Centre (SOC) alerts you so that you can respond swiftly to the compromise, such as requesting users to change details and cancel credit cards, ahead of a breach.

While momentarily inconvenient, your customers will thank you and the efforts of another hack will be thwarted.

Support for High Data Volumes

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s system can manage your data needs; you need not be concerned about our capacity to cope. Importantly, however, XCELIT’s implementation plan is structured to ensure you get maximum bang for your data scanning buck by avoiding white noise data.

Supports PCI Log Storage Requirements

ESSENTIALS

STANDARD

PREMIUM

Payment Card Industry Data Security Standard (PCI DSS) is a security standard used to ensure the safe and secure transfer of credit card data.

PCI DSS compliance software is a must-have for any organization that handles credit card data or other types of payment card data. Failure to comply can result in PCI DSS penalties and fines imposed daily, and a data breach resulting from non-compliance could cost millions in settlements, legal fees, and loss of reputation.

XCELIT’s Security Operations Centre (SOC) solution provides everything you need to get ready for your next PCI DSS audit in one affordable, easy-to-use solution. XCELIT’s Security Operations Centre (SOC) solution combines the essential security technologies you need to demonstrate compliance, including asset discovery, vulnerability assessment, log management, file integrity monitoring, and others. It also provides predefined compliance reports out of the box and automatic threat intelligence updates, helping you to stay in compliance with continuous security monitoring.

Advanced Threat Intelligence

ESSENTIALS

STANDARD

PREMIUM

XCELIT’s Security Operations Centre (SOC) systems provide up to date information related to sophisticated malware or hacking-based attacks targeting sensitive data. Where possible, XCELIT integrates with security tools to automate the response within your environment. With automated feeds of threat intelligence, combined with our Security Operations Centre (SOC) team of analysts XCELIT provides proactive threat hunting, enhanced abilities to prevent incidents before they occur, and respond to events in real time.

Included Sensors

ESSENTIALS: 01

STANDARD: 02

PREMIUM: 04

Lightweight sensors and agents are the only components deployed in your environment.

Sensors employed by XCELIT provide deep security visibility into both your cloud and on-premises environments.

XCELIT’s Security Operations Centre (SOC) virtual sensors run on VMware and Microsoft Hyper-V to monitor your on-premises physical and virtual IT infrastructure. In the cloud, lightweight cloud sensors natively monitor Google Cloud, Amazon Web Services and Microsoft Azure Cloud.

Each sensor is purpose-built to fully leverage the native data collection methods of each environment: AWS, Azure, and on-premises physical and virtual infrastructure deployed on Hyper-V or VMware. Deployed agents collect data from your Windows and Linux endpoints.

Deployed sensors conduct scans, monitor packets on the networks, and collect logs from assets, the host hypervisor, and cloud environments. Collected information is stored in XCELIT’s Security Operations Centre (SOC) secure cloud and used by XCELIT’s Security Operations Centre (SOC) in providing Cyber Security services.

The deployment of sensors by XCELIT allows centralized security monitoring of your cloud, on-premises, and hybrid IT environments, including your endpoints and cloud apps like Office 365 and G Suite amongst others.

Available Plans

250GB / mth

ESSENTIALS

STANDARD

PREMIUM

GB stands for Gigabits and TB for Terabits, which is a way of measuring bandwidth or the volume of data that XCELIT Security Operations Centre (SOC) are analysing every month.

As a general rule the more systems and users you have, or employees using systems, the higher the volume of Gigabits you would be sending across your organisation and the larger the volume XCELIT should be scanning.

A business of 600 employees may use 250GB of data. However, the size of an organisation is not the best indicator, as usage can be dependent on industry; for example, a technology business will likely send more Gigabits than a medical practice or financial firm. However, over 90% of all clients globally are on the smallest 250 GB plan, with only large corporates, Governments and military using much larger plans.

Because you are paying per volume of data e.g., 250GB per month, XCELIT can work with you to limit which items in your network are included in your Cyber Security plan to manage cost.

XCELIT’s Security Operations Centre (SOC) solution allows you to filter which assets, and what information you gather and retain, which is determined in a scoping exercise.

It is important to understand that excluding components does introduce risk but there are logical savings that can be made. For example, it makes complete sense to monitor all activity on a Firewall. However, it would make no sense monitoring network switches as they produce a lot of noise (logs) and don’t impact the environment in regards to security monitoring.

Generally speaking, data usage will be consistent month to month, however, storage tiers increase dynamically, so as your business need and data grows, your plan is scalable to cover your Cyber Security needs.

Having scalable storage tiers also means that, if you wish, XCELIT can start with a small area of the network environment, set up the required filters / configuration and other needs to implement your plan, and then slowly bring more parts of the business into the Security Operations Centre (SOC) monitoring solution. This allows XCELIT and you (our customer) to effectively control the growth of data retention, and pin right down into exactly what is needed to monitor the network environment and eliminate white noise.

Ultimately saving you money.

500GB / mth

ESSENTIALS

STANDARD

PREMIUM

750GB / mth

ESSENTIALS

STANDARD

PREMIUM

1TB / mth

ESSENTIALS

STANDARD

PREMIUM

>1TB / mth

ESSENTIALS

STANDARD

PREMIUM

Scalable, Flexible and Global SOC Security Operations Centre Solutions

Due to the scalability and flexibility of XCELIT’s SOC Security Operations Centre solution, XCELIT can work with SMB/SME as well as Corporate Enterprise in every industry.

XCELIT is flexible and can manage a full response or augment with your team as needed.

With XCELIT you decide the level of response XCELIT provides through an agreed Incident Response Plan, accommodating your SOC Security Operations Centre Cyber Security requirements.

XCELIT’s SOC Security Operations Centre Solution includes continuous security monitoring of all networks and devices including:

  • On-premises
  • Off-premises (Cloud)
  • Endpoints
  • SaaS/Apps

XCELIT will help you find the right SOC Security Operations Centre solution for your budget and business need. Reach out today for assistance.

Cyber Incident Response Planning

XCELIT recommends every organisation have a Cyber Incident Response Plan.

If your organisation does not have a Cyber Incident Response Plan, XCELIT can assist you.

XCELIT uses an agreed Cyber Incident Response Plan to guide actions in response to threats.

Through application of the Cyber Incident Response Plan XCELIT provides your business with both clarity and peace of mind in knowing what actions are being taken and how threat response is being managed.

The first 30 Days

Every Client is unique. XCELIT works with you to design a SOC Security Operations Centre solution to match your needs, including creating a customised solution if XCELIT’s packaged solutions do not meet your needs.

Within the first 30 days of engagement XCELIT undertakes to:

  • Undertake remote deployment and onboarding engagement.
  • Provide a clear project plan and deliverable for go-live.
  • Provide weekly onboarding status reports.
  • Learn your unique IT environment, priorities and goals through threat modelling exercises and service tuning.

Why XCELIT for SOC Security Operations Centre Solutions

Peace of Mind.

XCELIT leverages our Security Operations Centres (SOC) so customers of all sizes can meet the challenge of Cyber Security.

XCELIT’s SOC Security Operations Centre solutions help customers protect business data assets and reputation, so they can prosper.

XCELIT SOC Security Operations Centre Solutions go beyond Security Information and Event Management (SIEM) and Standard Security Operations Centre (SOC) services.

XCELIT’s systems, technology partners, combined expertise and customer commitment deliver a quality SOC Security Operations Centre solution that provides deeper intelligence with faster response.

Try XCELIT for SOC Security Operations Centre Cyber Security.

Obtain the Peace of Mind XCELIT’s SOC Security Operations Centre solution can provide your business.

Why use XCELIT as a SOC Security Operations Centre provider

Flexible Options

With XCELIT you have flexible options so you can build the Cyber Security solution and team that you need for your business.

If you’re uncertain of where to start or even what you need, then XCELIT can assist you in finding a cost-effective solution for your business relative to your budget constraints and needs.

Scalability

No matter your need XCELIT has a solution for you.

Not only for now, but as your business grows.

No matter your business size, XCELIT has a managed Cyber Security solution for you.

The Best Cyber Security Talent

Through XCELIT’s Managed Cyber Security Solutions you get access to the best Cyber Security talent for a fraction of the price of securing equivalent talent in house.

Gain the advantage without the cost.

Effective Reporting

Get meaningful reports you can use.

XCELIT generates reports that are suitable for all audiences, not just your IT team, so all stakeholders can understand the risks, exposures and trends related to your Cyber Security.

Cost Effective

Managed Cyber Security allows you to tap into resources for a fraction of the price you would pay in house for an equivalent solution.

XCELIT also manages training and industry knowledge updates, so you need not worry about Cyber Security and can focus on your core business.

24/7/365 Support

With XCELIT’s Managed Cyber Security Solution you get the support you need.

If you have a challenge related to Cyber Security, as a customer you can reach out to XCELIT 24/7/365. XCELIT has your back.

Stable

Reliable

Flexible

Transparent

Request a 14 Day Free Trial

10 Key Features - SOC Security Operations Centre Solution

XCELIT deploys systems that combine essential security capabilities needed for effective SOC Security Operations Centre Cyber Security from a single operating system, visible from a single pane of glass.

Key features of XCELIT’s solution include asset discovery, vulnerability assessment, network intrusion detection (NIDS), endpoint detection and response (EDR), and SIEM event correlation and log management. Together, XCELIT’s features and staff capabilities provide advanced threat detection and response.

XCELIT’s SOC Security Operations Centre solution provides cloud security monitoring for IaaS (AWS®, Azure) and SaaS environments (Office 365, G Suite™, Okta, and Box), using APIs to continuously collect data from those environments. This is backed up by extensive threat intelligence to address advanced threats before they become problematic for your business.

XCELIT’s SOC operates 24/7 to provide proactive alarm monitoring. XCELIT’s Security Analysts review every alarm, removing noise, non-actionable alarms and false positives, so focus can be applied to actual threats.

XCELIT’s analysts perform in-depth incident investigations to provide responders, as determined by the Incident Response Plan, with timely, effective recommendations for containment of threats and remediation actions to ensure safe systems operations.

XCELIT augments your team by undertaking in-depth investigations, with an auditable trail, into actionable alarms, escalating based on the Incident Response Plan to respond quickly and effectively to any identified security incident.

An auditable trail of threat intelligence, related alarms and events, conclusions, relevant files and response recommendations provides you with a consolidated view of the incident.

Backed up by XCELIT’s 24/7 SOC, XCELIT’s team are available to provide support. XCELIT, however, goes beyond the standard SOC Security Operations Centre solution and can even undertake incident response, as determined by your Incident Response Plan, using XCELIT’s built-in security orchestration and automation capabilities.

XCELIT’s SOC Security Operations Centre solution deploys powerful security orchestration and automation capabilities to drive incident investigation and response, reducing time to response and exposure to potential threats.

XCELIT’s Unified Security Management system includes over 300 app integrations with widely used IT, security, and business productivity tools including Box, Cisco Umbrella™, and Palo Alto Networks®. XCELIT’s Unified Security Management system, app integrations and deployed technology allow automated incident response actions towards networks, devices and other integrated security controls for significantly improved response times, minimising threats and maximising productivity.

XCELIT’s SOC Security Operations Centre solution is entirely transparent. Our customers have access to the same web-based portal as our SOC analysts. If needed, our SOC analysts are also available via phone, email and Slack.

XCELIT is primarily driven to provide a premium SOC Security Operations Centre solution. As such, XCELIT sets stringent SLAs starting at 5min for a Category 1, Critical Issue.

XCELIT’s analysts set monthly meetings with clients to:

– review all investigations and incident response activities.

– review service metrics related to agreed SLAs to ensure XCELIT can maintain delivery of the client’s security program objectives.

– anticipate future needs and meet clients’ ongoing expectations in a dynamic environment.

XCELIT supports clients’ compliance reporting requirements (PCI, NIST CSF, HIPAA, ISO 27001) with pre-built reporting templates.

XCELIT’s SOC Security Operations Centre solution includes long term log storage, including raw log retention in a highly secure environment.

If you have a compliance need, XCELIT’s commissionable platform can meet your need.

The backbone of any SOC Security Operations Centre is the Threat Intelligence that the SOC Security Operations Centre solution is built upon.

With diverse sources including 1/3 of global internet traffic, deployed sensors, and an Open Threat Exchange that includes 80,000 participants in 140 countries, XCELIT’s Threat Intelligence is continuously updated with the best available intelligence on emerging and evolving threats.

Intelligence is useful, but how intelligence is deployed is equally important. XCELIT’s partnered intelligence systems go deeper, analysing the Tools, Tactics, and Procedures (TTPs) used by threat actors so we can respond to threats as they move when low-level identifiers such as IPs have been exposed.

Continuously updated Threat Intelligence is used by XCELIT to perform high level automated threat detection and response, far beyond standard SOC Security Operations Centre solutions.

XCELIT’s SOC team deploys scanners and undertakes to understand your environment, security and compliance requirements and sets out the Incident Response Plan, tuning to your requirements within 30 days. With XCELIT you can have a premium, highly effective SOC Security Operations Centre solution in place, fast.

XCELIT deploys SOC Security Operations Centre so as to minimise ingestion, saving your budget.

XCELIT’s SOC Security Operations Centre solution is designed to be scalable, to meet your business needs now as well as into the future. You can increase your ingestion or coverage at any time, without complex contract changes.

XCELIT’s services are based on ingestion and data retained, so you are not restrained by assets, environments or the number of employees you have. XCELIT is truly scalable and adaptable to your future needs.

Common Questions

A Cyber Security Operations Centre (CSOC or SOC) is a hub where a Cyber Security team manages security related issues for an organisation. The SOC is typically a location where analysts assess security risks using data processing technology and take action to minimise and remove cyber related threats.

SOC Security Operations Centres provide real-time monitoring, detection, analysis of and response to cyber security threats.

XCELIT’s SOC Security Operations Centre provides proactive detection and response to advanced targeted attacks by Threat Actors that have gone undetected by your existing perimeter controls, such as firewalls.

SOC analysts are the first responders to cyber-incidents. They report cyberthreats and then implement changes to protect an organization.

Job duties include:

– Provide threat and vulnerability analysis.

– Investigate, document and report on information security issues and emerging trends.

– Analyse and respond to previously undisclosed software and hardware vulnerabilities.

– Prepare organizational disaster recovery plans.

SOC analysts are generally part of a large security operations team. The SOC analyst role is the last line of defence against Threat Actors. Without SOC Analysts, hackers and other Threat Actors may never be found.

SOC analysts work alongside Cyber Security engineers and security managers and most likely report to a chief information security officer (CISO).

A SOC analyst must have a steady and unshakable eye for detail, as they have to monitor many things at once. The SOC Analyst must watch and respond to a number of threats, and there may be different levels of responsibilities depending on how big the company is and how many SOC analysts it employs. From monitoring to reacting, a SOC analyst’s day is rarely the same from one to the next.

Cyber Security doesn’t have to be complex; however, as an industry we have made it this way.

The trick is to watch out for sales agents claiming a product is more than it is, or even calling a product something that it is not. For example, it is not uncommon for claims of a 24/7/365 SOC to be applied to services that are not eyes on glass, which is an overreach. In these cases, SOC Services may be applied during normal shifts, but not 24/7/365, although alarm monitoring may be.

XCELIT’s SOC Security Operations Centre Solution is a true 24/7/365 operation with eyes on glass.

SOC Security Operations Centre may also be known as:

MDR Cyber Security

CSOC Cyber Security Operations Center

CSOC Cyber Security Operations Centre

Managed Detection Response Cyber Security

Managed SOC Cyber Security

Managed Threat Detection Response Cyber Security

MTDR Cyber Security

Security Operations Center as a Service (SOCaaS)

Security Operations Centre as a Service (SOCaaS)

SIEM Cyber Security as a Service

SIEM Logging

SIEM SOC Solution

SOC as a Service

SOC Network Cyber Security

SOC Security Operations Center

SOC Security Operations Centre

Remote Teams

In the modern work environment, we are used to workers being remote.

XCELIT was uniquely positioned to manage an event like the 2019/2020 COVID-19 pandemic because staff are already used to working remotely and can continue working uninterrupted, while you continue to focus on your core business.

XCELIT works to ensure your business success, and that means being available as needed, regardless of the challenges. XCELIT’s staff can work remotely; in fact, like your local staff, we allow the occasional WFH day, which helps staff manage life and helps staff retention, which ultimately helps XCELIT serve you better.
