Hannah Lloyd
VP Channel Sales
Introduction
Who are inSOC?
Award-winning team of industry veterans from a diverse MSP, vendor and security background, inSOC has one simple mission …
… to bring enterprise-grade, framework-driven security practices and tools to MSPs and MSSPs at an SME friendly price point
Having spoken with solution providers of all sizes and
maturity levels, inSOC recognised that they were often
frustrated with the lack of enterprise grade cybersecurity
solutions available to them that would protect their
clients at a reasonable price point.
Market Need
The problem
It is difficult to have full visibility of vulnerable points on the
network without a complete monitoring solution.
How would you know if a bad actor logged into your email
from a computer in Russia?
How would you know if a server was under attack or
already breached?
How would you know if a personally owned computer was
attacking the network from the inside?
The security conversation
Cyber risks are difficult to see and quantify and can be expensive to manage
Key problems
People
• Difficult and expensive to have experts in each tool internally
• Security experts are hard to find and hire
• The right people are expensive
Data
• Either not all points of the network are being monitored, leaving devices and systems vulnerable and in the unknown
• Or too many alerts are being generated
• Data is not correlated and critical alerts are difficult to pinpoint
Toolset
• Tools with the right capabilities come with enterprise price tags
• Tools are disparate and difficult to manage
• Without the right guidance and support it is a large burden on an existing team to learn and take alerts from a new tool
The solution
In response to this challenge, inSOC has
developed a layered security solution
comprised of enterprise grade tool sets,
framework-driven onboarding and escalation
processes and a team of highly qualified
security professionals that have eyes on glass
24/7/365.
All at a fixed monthly cost
Made for MSPs and MSSPs
All inclusive pricing structures
Mix and match offerings
Flexible contract lengths
Sales enablement
Minimal operational overhead
MSSP Accelerator self paced training
Advanced cybersecurity certification leading to SSAE 19 certification
Kickstart your security practice with MSSP Accelerator
MSSP Accelerator program is designed to fast track the MSP's security practice and unlock the potential revenue streams available by delivering enterprise-grade security services, via a self-paced online course and sales enablement.
Take it to the next level with SSAE 19 Certification
The Accelerator program can then lead to SSAE-19 certification underlining your value and enabling you to establish yourself as a leader in the field. SSAE 19 is a consultancy led certification program, taking a minimum 12 months to complete.
How it works
A multi-layered solution comprising next-gen tools, monitoring services and CISSPs
Next Gen SIEM
Comprising a hardware appliance to monitor all network traffic, deep packet inspection, intrusion detection, Windows log monitoring and cloud API to monitor M365, AWS and Azure
Vulnerability Management
SCAP compliant vulnerability management system deployed to scan the entire network on a weekly basis, providing PCI certified reports.
SOC Monitoring
Wraparound SOC team who monitor the kill chain in real time, 24/7/365 days a year.
PLAN COMPARISON
Plan 1 Plan 2 Plan 3
Essential: Vulnerability management. Vulnerability management with scheduled scans and weekly reporting
Power: Cloud and device monitoring. Windows and Linux agent-based monitoring with API integration for cloud environments
Premium: Vulnerability management + cloud and device monitoring. Vulnerability management with scheduled scans and weekly reports + Windows and Linux agent-based monitoring with API integration for cloud environments
MSP Protect: NFR package for MSP internal use only
Agent-based SIEM for servers and workstations
Cloud SIEM (O365/Gsuite/AWS & Azure
Active Directory
Network deep packet inspection
Intrusion detection
Sandboxing
Vulnerability management
Scheduled vulnerability scanning
Weekly vulnerability reporting
Compliance reports (PCI, GDPR, HIPAA, DFARS)
24/7/365 SOC monitoring
SOC escalation
SOC remediation
SOC incident response
CIS20 SOC reports
Basic onboarding
Advanced onboarding
SIEM Sensor Placement
[Network diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Cloud connector and Windows and Linux Agents Placement
[Network diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server, MS Office 365 and other cloud collectors, inSOC Data Processor (DP) and Security Sensor]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Vulnerability Management Deployment
[Network diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server, Company Website, Firewall, External Scanner, Virtual NIC, VASE (Virtual Appliance Scan Engine), MS Office 365 and other cloud collectors, inSOC Data Processor (DP) and Security Sensor]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Not just tools
Tools without a security framework in place are not enough on their own.
We provide an advanced onboarding to harden environments to a set standard
Our wraparound SOC team is led by highly qualified security professionals including CISSPs and CCIEs, to ensure best-in-class delivery 24/7/365
And we base everything on the NIST Cybersecurity Framework
NIST 800 cybersecurity framework
A proven and trusted security foundation
Asset Management
Business Environment
Governance
Risk Assessment
Risk Management Strategy
Recovery Planning
Improvements
Communications
Resilience
Access Control
Awareness & Training
Data Security
Information Protection Processes & Procedures
Maintenance
Protective Technology
Anomalies & Events
Security Continuous Monitoring
Detection Alert Process
Response Planning
Communications
Analysis
Mitigation
Improvements
800-171 COMPLIANCE
Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations from intrusion, and business data from theft.
inSOC’s tools and processes are centred around the NIST 800 Cybersecurity framework and the Centre for Internet Security’s Top 20 Critical Security Controls. The implementation of this known and trusted security framework significantly reduces the risk of breach in the first place, minimising alert noise and pinpointing true threats proactively and reactively.
Implementation of the Top 6 CIS
Critical Security controls could have
prevented 85% of all cyber breaches
Implementation of the Top 20 CIS
Critical Security controls increases
prevention to 95%
CIS Top 20 Critical Security Controls v7 Prioritized NSA Rank
CSC1 Inventory and Control of Hardware Assets VERY HIGH
CSC2 Inventory and Control of Software Assets VERY HIGH
CSC3 Continuous Vulnerability Management VERY HIGH
CSC4 Controlled Use of Administrative Privileges VERY HIGH
CSC5 Secure Configuration for Hardware and Software on Mobile Devices HIGH
CSC6 Maintenance, Monitoring and Analysis of Audit Logs HIGH
CSC7 Email and Web Browser Protections HIGH / MEDIUM
CSC8 Malware Defenses HIGH / MEDIUM
CSC9 Limitation and Control of Network Ports, Protocols, and Services HIGH / MEDIUM
CSC10 Data Recovery Capabilities HIGH / MEDIUM
CSC11 Secure Configuration for Network Devices, Such as Firewalls, Routers and Switches HIGH / MEDIUM
CSC12 Boundary Defense MEDIUM
CSC13 Data Protection MEDIUM
CSC14 Controlled Access Based on the Need to Know MEDIUM
CSC15 Wireless Access Control MEDIUM
CSC16 Account Monitoring and Control MEDIUM
CSC17 Implement a Security Awareness and Training Program MEDIUM
CSC18 Application Software Security MEDIUM / LOW
CSC19 Incident Response and Management LOW
Next Gen SIEM
Exploitation (Critical/Anomalous)
Reconnaissance (Critical/Anomalous)
Delivery (Critical/Anomalous)
Installation (Critical/Anomalous)
Command & Control (Critical/Anomalous)
Actions & Exfiltration (Critical/Anomalous)
AI-based correlation
Kill chain aligned to MITRE
Reduces alert noise
Unveil attack story
Vulnerability Management
SCAP compliant vulnerability management system
Weekly scans to comply with CSC 3
PCI certified reports
All devices scanned and remediation recommendations provided from NIST databank
Advanced onboarding
Proactive hardening and tuning to protect your customer networks from the beginning
Dedicated CISSP resource
Installation assistance
Tune the environment to cut alert noise
Align with the NIST and CIS recognised cybersecurity frameworks
Weekly progress review
30-45 days to completion
Hardening The Environment
Benchmarks
• Base on established security frameworks
• We recommend the Center for Internet Security
• Windows OS benchmark is 1200+ pages
• Subscription to CIS for preconfigured GPO scripts
Playbooks
• Create benchmark playbooks to manage hardening tasks consistently
• Base playbooks on established security frameworks and benchmarks
• Capture audit ready evidence and attach to playbook
• Manage tasks and dependent projects
Change Control
• Manage any hardening initiative with a standard change control methodology
• Beta testing, user acceptance testing, release
Basic Security Policies
Acceptable Use
Asset Management
Approved Remote Access Method
Approved Cloud Storage & Applications
Change Control Policy
• Password policies
• Screen locking policies
• Non-disclosure agreements and policy agreement forms
• Data encryption
• #1 cause of malware and ransomware
• Approved hardware and software assets only
• Personal devices should be segregated to a guest network
• What geographies need to communicate inbound to client production systems and data?
• Providers should be SOC or ISO compliant
• Data should be backed up and recoverable
• Data loss prevention
• MFA & SSO
• Manage change
• Communicate
• Triage issues
• Review and improve the process
Reporting
Monthly risk assessment reporting to monitor and manage your risk score
Weekly vulnerability reporting
Regulatory and compliance reporting available from our CISSP team
Monthly reporting compiled by our CISSP team
Cybersecurity consulting services
Incident response
Penetration testing
Team of CISSPs acting as your company
We partner to provide vCISO services for your clients
Security Maturity Level Assessments – ‘foot in the door’
Regulatory and compliance requirements
vCISO service enables you to get started selling cybersecurity now

inSOC Sales Deck Dec 2020.pdf

  • 1. Hannah Lloyd VP Channel Sales Introduction
  • 2. Who are inSOC? 2 Award-winning team of industry veterans from a diverse MSP, vendor and security background, inSOC has one simple mission … … to bring enterprise- grade, framework-driven security practices and tools to MSPs and MSSPs at an SME friendly price point
  • 3. Having spoken with solution providers of all sizes and maturity levels, inSOC recognised that they were often frustrated with the lack of enterprise grade cybersecurity solutions available to them that would protect their clients at a reasonable price point. 3 Market Need
  • 4. The problem It is difficult to have full visibility of vulnerable points on the network without a complete monitoring solution. How would you know if a bad actor logged into your email from a computer in Russia? How would you know if a server was under attack or already breached? How would you know if a personally owned computer was attacking the network from the inside? The security conversation 4 Cyber risks are difficult to see and quantify and can be expensive to manage
  • 5. Key problems People Data Toolset • Difficult and expensive to have experts in each tool internally • Security experts are hard to find and hire • The right people are expensive 5 • Either not all points of the network are being monitored leaving devices and systems vulnerable and in the unknown • Or too many alerts are being generated • Data is not correlated and critical alerts are difficult to pinpoint • Tools with the right capabilities come with enterprise price tags • Tools are disparate and difficult to manage • Without the right guidance and support it is a large burden on an existing team to learn and take alerts from a new tool
  • 6. The solution In response to this challenge, inSOC has developed a layered security solution comprised of enterprise grade tool sets, framework-driven onboarding and escalation processes and a team of highly qualified security professionals that have eyes on glass 24/7/365. All at a fixed monthly cost 6
  • 7. Made for MSPs and MSSPs 7 All inclusive pricing structures Mix and match offerings Flexible contract lengths Sales enablement Minimal operational overhead MSSP Accelerator self paced training Advanced cybersecurity certification leading to SSAE 19 certification
  • 8. 8 Kickstart your security practice with MSSP Accelerator MSSP Accelerator program is designed to fast track the MSP's security practice and unlock the potential revenue streams available by delivering enterprise- grade security services, via a self-paced online course and sales enablement. Take it to the next level with SSAE 19 Certification The Accelerator program can then lead to SSAE-19 certification underlining your value and enabling you to establish yourself as a leader in the field. SSAE 19 is a consultancy led certification program, taking a minimum 12 months to complete.
  • 9. How it works A multi layered solution, comprising of next gen tools, monitoring services and CISSPs Next Gen SIEM Comprising of a hardware appliance to monitor all network traffic, deep packet inspection, intrusion detection, windows log monitoring and cloud API to monitor M365, AWS and Azure Powered by Vulnerability Management SCAP compliant vulnerability management system deployed to scan the entire network on a weekly basis, providing PCI certified reports. Powered by Wraparound SOC team who monitor the kill chain in real time, 24/7/365 days a year. SOC Monitoring 9
  • 10. 10 Vulnerability management Cloud and device monitoring Vulnerability management + cloud and device monitoring Essential Power Premium MSP Protect Vulnerability management with scheduled scans and weekly reporting Windows and Linux agent- based monitoring with API integration for cloud environments Vulnerability management with scheduled scans and weekly reports + Windows and Linux agent-based monitoring with API integration for cloud environments NFR package for MSP internal use only Agent-based SIEM for servers and workstations Cloud SIEM (O365/Gsuite/AWS & Azure Active Directory Network deep packet inspection Intrusion detection Sandboxing Vulnerability management Scheduled vulnerability scanning Weekly vulnerability reporting Compliance reports (PCI, GDPR, HIPAA, DFARS) 24/7/365 SOC monitoring SOC escalation SOC remediation SOC incident response CIS20 SOC reports Basic onboarding Advanced onboarding Plan 1 PLAN COMPARISON Plan 2 Plan 3 10
  • 11. SIEM Sensor Placement 11 Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
  • 12. Cloud connector and Windows and Linux Agents Placement 12 Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP) MS Office 365 and other cloud collectors inSOC Data Processor (DP) and Security Sensor
  • 13. 13 Vulnerability Managemen t Deployment Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Company Website Firewall External Scanner Virtual NIC VASE Virtual Appliance Scan Engine Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP) MS Office 365 and other cloud collectors inSOC Data Processor (DP) and Security Sensor
  • 14. 14 Not just tools Tools without a security framework in place are not enough on their own. We provide an advanced onboarding to harden environments to a set standard Our wraparound SOC team is lead by highly qualified security professionals including CISSPs and CCIEs, to ensure best-in-class delivery 24/7/365 And we base everything on the NIST Cybersecurity Framework
  • 15. 15 NIST 800 cybersecurity framework A proven and trusted security foundation Asset Management Business Environment Governance Risk Assessment Risk Management Strategy Recovery Planning Improvements Communications Resilience Access Control Awareness & Training Data Security Information Protection Processes & Procedures Maintenance Protective Technology Anomalies & Events Security Continuous Monitoring Detection Alert Process Response Planning Communications Analysis Mitigation Improvements Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations from intrusion, and business data from theft. 800-171 COMPLIANCE inSOC’s tools and processes are centred around the NIST 800 Cybersecurity framework and the Centre for Internet Security’s Top 20 Critical Security Controls. The implementation of this known and trusted security framework significantly reduces the risk of breach in the first place, minimising alert noise and pinpointing true threats proactively and reactively.
  • 16. Implementation of the Top 6 CIS Critical Security controls could have prevented 85% of all cyber breaches. Implementation of the Top 20 CIS Critical Security controls increases prevention to 95%. CIS Top 20 Critical Security Controls v7, Prioritized NSA Rank:
      CSC1 Inventory and Control of Hardware Assets: VERY HIGH
      CSC2 Inventory and Control of Software Assets: VERY HIGH
      CSC3 Continuous Vulnerability Management: VERY HIGH
      CSC4 Controlled Use of Administrative Privileges: VERY HIGH
      CSC5 Secure Configuration for Hardware and Software on Mobile Devices: HIGH
      CSC6 Maintenance, Monitoring and Analysis of Audit Logs: HIGH
      CSC7 Email and Web Browser Protections: HIGH / MEDIUM
      CSC8 Malware Defenses: HIGH / MEDIUM
      CSC9 Limitation and Control of Network Ports, Protocols, and Services: HIGH / MEDIUM
      CSC10 Data Recovery Capabilities: HIGH / MEDIUM
      CSC11 Secure Configuration for Network Devices, Such as Firewalls, Routers and Switches: HIGH / MEDIUM
      CSC12 Boundary Defense: MEDIUM
      CSC13 Data Protection: MEDIUM
      CSC14 Controlled Access Based on the Need to Know: MEDIUM
      CSC15 Wireless Access Control: MEDIUM
      CSC16 Account Monitoring and Control: MEDIUM
      CSC17 Implement a Security Awareness and Training Program: MEDIUM
      CSC18 Application Software Security: MEDIUM / LOW
      CSC19 Incident Response and Management: LOW
  • 17. Next Gen SIEM. AI-based correlation. Kill chain aligned to MITRE. Reduces alert noise. Unveil attack story. [Kill chain diagram; stages shown, each marked Critical/Anomalous: Exploitation, Reconnaissance, Delivery, Installation, Command & Control, Actions & Exfiltration.]
  • 18. Vulnerability Management. Powered by SCAP compliant vulnerability management system. Weekly scans to comply with CSC 3. PCI certified reports. All devices scanned and remediation recommendations provided from NIST databank.
  • 19. Advanced onboarding. Proactive hardening and tuning to protect your customer networks from the beginning. Dedicated CISSP resource. Installation assistance. Tune the environment to cut alert noise. Align with the NIST and CIS recognised cybersecurity frameworks. Weekly progress review. 30-45 days to completion.
  • 20. Hardening The Environment. Benchmarks: • Base on established security frameworks • We recommend the Center for Internet Security • Windows OS benchmark is 1200+ pages • Subscription to CIS for preconfigured GPO scripts. Playbooks: • Create benchmark playbooks to manage hardening tasks consistently • Base playbooks on established security frameworks and benchmarks • Capture audit ready evidence and attach to playbook • Manage tasks and dependent projects. Change Control: • Manage any hardening initiative with a standard change control methodology • Beta testing, user acceptance testing, release.
  • 21. Basic Security Policies. Policy areas: Acceptable Use; Asset Management; Approved Remote Access Method; Approved Cloud Storage & Applications; Change Control Policy. Points listed: • Password policies • Screen locking policies • Non-disclosure agreements and policy agreement forms • Data encryption • #1 cause of malware and ransomware • Approved hardware and software assets only • Personal devices should be segregated to a guest network • What geographies need to communicate inbound to client production systems and data? • Providers should be SOC or ISO compliant • Data should be backed up and recoverable • Data loss prevention • MFA & SSO • Manage change • Communicate • Triage issues • Review and improve the process
  • 22. Reporting. Monthly risk assessment reporting to monitor and manage your risk score. Weekly vulnerability reporting. Regulatory and compliance reporting available from our CISSP team. Monthly reporting compiled by our CISSP team.
  • 26. Cybersecurity consulting services. Incident response. Penetration testing. Team of CISSPs acting as your company. We partner to provide vCISO services for your clients. Security Maturity Level Assessments – ‘foot in the door’. Regulatory and compliance requirements. vCISO service enables you to get started selling cybersecurity now.