SOC-as-a-Service

StratoZen’s SOC-as-a-Service offers flexible Security Operations Center (SOC) options for our clients. Building and maintaining a SOC in-house is prohibitively expensive for most organizations. Hiring a team of expert security analysts is very costly, and turnover is notoriously high for in-house SOC teams. In addition, many organizations do not consider the ongoing training and professional development costs required to keep up with ever-changing technologies and threats. To address this need, StratoZen offers SOC-as-a-Service, which can be added to our SIEM-as-a-Service or (Co)Managed SIEM offerings.

Enhanced SOC-as-a-Service (ESOC)

Our Enhanced SOC option builds on the DCR service to deliver complete, 24/7 incident investigation. ESOC includes manual investigation of all high-severity incidents by highly trained StratoZen SOC analysts, 24/7. Analysts research each incident with additional scrutiny to add context and cross-correlate against our global network of monitored partner and client environments. According to your preferences, false positives and incidents that are not actionable will be marked as such and included in the Daily Cybersecurity Review and reports. For true high-severity, actionable incidents, the analyst will manually notify your team via email or text and can also provide escalation calls if desired. This is all done within a 30-minute SLA.

ESOC includes all the services and features included with Daily Cybersecurity Reviews, plus additional benefits available exclusively to our ESOC clients.

First Priority Daily Cybersecurity Reviews
All ESOC clients automatically receive first priority for the Daily Cybersecurity Reviews. For these clients, DCR is performed before 8am US Eastern Time, every day, ranked by a weighted triage score.

Custom Response Guidance
ESOC clients can provide their own custom response guidance and incident response procedures. StratoZen will build your custom processes into our platform and automatically embed the guidance in your notifications.

Daily Cybersecurity Reviews (DCR)

StratoZen’s Daily Cybersecurity Review provides cost-efficient SOC monitoring and response support that meets regulatory requirements such as PCI, FFIEC, and HIPAA. With this service, StratoZen’s security analysts perform a daily, in-depth review of all your incidents, 7 days a week, 365 days a year. Each day’s review is tracked and logged to prove regulatory compliance. If any significant issues are found during the daily review, the analyst manually escalates the issue to you immediately.

Enhanced Response Guidance
Expanded and enhanced response guidance is available with each ‘emergency’ and ‘high’ incident. It includes information on what fired, why it fired, why it is important, and what specific steps need to be performed to remediate.

Enhanced Notifications
All ‘high’ and ‘emergency’ events are sent via automated processes that augment the data with known threat indicators, country of origin (where available), and additional OSINT as it is available, allowing response personnel to make faster decisions.

Incident Response Support
Analysts are available 24/7 via email, phone, and/or screenshare to assist your team in responding to ‘emergency’ or ‘high’ severity incidents.