Security Operations Center as a Service:
RocketCyber Managed SOC is a managed security operations center that leverages the RocketCyber Threat Monitoring Platform to detect malicious and suspicious activity across three critical attack vectors – endpoint, network, and cloud. It offers a cloud architecture fueled by integrated threat intelligence and a built-in app store with purpose-built threat detection apps that enable MSPs to deliver 24/7 threat monitoring.
The service is comprised of an elite team of security veterans and experts who proactively hunt and investigate threat activity across your base of managed small-business customers. RocketCyber performs the triage of detections and works with you on the remediation when an actionable threat is discovered.
Note: When something is identified, the threat will be routed to your in-house IT. The service cannot make changes to your network or devices, but it will provide recommended steps on how to fix the security threat.
Billing is done per device, with a device defined as any of the following types that communicate with the RocketCyber Managed SOC during the monthly billing period:
- Windows OS device running Windows 7, 8, or 10
- Windows Server OS device running Windows Server 2008R2, or Windows Server 2012, 2016, or 2018.
- macOS device running macOS 10.14 or higher
- Firewalls from Barracuda, Cisco Meraki, Fortinet, pfSense, SonicWall, Sophos, WatchGuard, Ubiquiti, and Untangle.
Stay one step ahead of attackers by tapping into the expertise of veterans who've been at the forefront of investigating global threats such as the Code Red worm (2001), Slammer (2003), Stuxnet (2010), the CryptoLocker trojan (2013) and the BlueKeep exploit (2019).
RocketCyber Managed SOC requires no long-term commitments and helps save time and money through a service that can be fully operational and deployed within a few minutes.
We can leverage SIEMless Log Monitoring to monitor, search, alert and report on the 3 attack pillars, with log data spanning Windows and macOS security events, firewall and network device events, and Office 365 and Azure AD cloud events.
RocketCyber Threat Intelligence & Hunting delivers real-time threat intelligence monitoring and premium intel feeds from security partners to provide a global repository of threat indicators. The Managed SOC offers Breach Detection to identify adversaries that evade traditional cyber defenses such as firewalls and AV. It identifies attacker TTPs and aligns with MITRE ATT&CK to produce a forensic timeline of chronological events to deter the intruder before a breach occurs.
Intrusion Monitoring offers real-time monitoring of malicious and suspicious activity, identifying indicators such as connections to terrorist nations, unauthorized TCP/UDP services, and backdoor connections to C2 servers. For NextGen Malware, we can use your own malware prevention or leverage the RocketCyber command and control app for Microsoft Defender, backed up with a secondary line of defense using RocketCyber malicious detection of files, tools, processes and more.
RocketCyber SOC analysts investigate each alert, triage the data, and produce a ticket for your in-house IT team, accompanied by the remedy details, so you can focus on your operations without having to depend on internal security engineers.
RocketCyber App Store
The extensive RocketCyber App Store features threat detection integrations that provide solutions for a wide range of cybersecurity use cases.
Each app is purpose-built to detect malicious or suspicious activity spanning the endpoint, network and cloud attack pillars. When threats are detected, RocketCyber provides the in-house techs with operator reporting, a triage view, and the ability to receive incident tickets in the preferred PSA tool.
RocketCyber Managed SOC integrates with several security vendors, with apps that report threat detections and deliver the results to the RocketCyber SOC Platform. The apps include IRONSCALES Email Security Analyzer, Bitdefender Monitor, and SentinelOne Monitor.
The RocketCyber App Store also includes key apps for strengthening the overall security of Microsoft solutions with:
- Office 365 Log Monitor: Multi-tenant event log monitor for all accounts linked to Microsoft Office 365 providing visibility into users, groups, Azure Active Directory activity and more.
- Office 365 Log Analyzer: Detects successful and unsuccessful logins outside the expected countries, known malicious IP addresses and adversaries, exposing unauthorized authentication activity.
- Office 365 Secure Score: Overall description of cloud security posture with itemized remediation plans across all Office 365 tenants.
- SIEMless log monitoring
- Threat intelligence and hunting
- Breach detection and intrusion monitoring
- NextGen malware protection
- PSA ticketing
- Extensive RocketCyber App Store
- 24X7 continuous monitoring
- Always-on threat detection in real-time
- RocketCyber default SOC Platform configuration
- No hardware required