Hannah Lloyd
VP Channel Sales
Introduction
Who are inSOC?
Award-winning team of industry veterans from a diverse MSP, vendor and security background, inSOC has one simple mission … to bring enterprise-grade, framework-driven security practices and tools to MSPs and MSSPs at an SME friendly price point
Market Need
Having spoken with solution providers of all sizes and maturity levels, inSOC recognised that they were often frustrated with the lack of enterprise grade cybersecurity solutions available to them that would protect their clients at a reasonable price point.
The security conversation
The problem
It is difficult to have full visibility of vulnerable points on the network without a complete monitoring solution.
How would you know if a bad actor logged into your email from a computer in Russia?
How would you know if a server was under attack or already breached?
How would you know if a personally owned computer was attacking the network from the inside?
Cyber risks are difficult to see and quantify and can be expensive to manage
Key problems
People
• Difficult and expensive to have experts in each tool internally
• Security experts are hard to find and hire
• The right people are expensive
Data
• Either not all points of the network are being monitored, leaving devices and systems vulnerable and in the unknown
• Or too many alerts are being generated
• Data is not correlated and critical alerts are difficult to pinpoint
Toolset
• Tools with the right capabilities come with enterprise price tags
• Tools are disparate and difficult to manage
• Without the right guidance and support it is a large burden on an existing team to learn and take alerts from a new tool
The solution
In response to this challenge, inSOC has developed a layered security solution comprised of enterprise grade tool sets, framework-driven onboarding and escalation processes and a team of highly qualified security professionals that have eyes on glass 24/7/365. All at a fixed monthly cost.
Made for MSPs and MSSPs
All inclusive pricing structures
Mix and match offerings
Flexible contract lengths
Sales enablement
Minimal operational overhead
MSSP Accelerator self paced training
Advanced cybersecurity certification leading to SSAE 19 certification
Kickstart your security practice with MSSP Accelerator
MSSP Accelerator program is designed to fast track the MSP's security practice and unlock the potential revenue streams available by delivering enterprise-grade security services, via a self-paced online course and sales enablement.
Take it to the next level with SSAE 19 Certification
The Accelerator program can then lead to SSAE-19 certification underlining your value and enabling you to establish yourself as a leader in the field. SSAE 19 is a consultancy led certification program, taking a minimum 12 months to complete.
How it works
A multi layered solution, comprising next gen tools, monitoring services and CISSPs
Next Gen SIEM
Comprising a hardware appliance to monitor all network traffic, deep packet inspection, intrusion detection, Windows log monitoring and cloud API to monitor M365, AWS and Azure
Vulnerability Management
SCAP compliant vulnerability management system deployed to scan the entire network on a weekly basis, providing PCI certified reports.
SOC Monitoring
Wraparound SOC team who monitor the kill chain in real time, 24/7/365 days a year.
PLAN COMPARISON
Vulnerability management
Cloud and device monitoring
Vulnerability management + cloud and device monitoring
Essential Power Premium MSP Protect
Vulnerability management with scheduled scans and weekly reporting
Windows and Linux agent-based monitoring with API integration for cloud environments
Vulnerability management with scheduled scans and weekly reports + Windows and Linux agent-based monitoring with API integration for cloud environments
NFR package for MSP internal use only
Agent-based SIEM for servers and workstations
Cloud SIEM (O365/Gsuite/AWS & Azure
Active Directory
Network deep packet inspection
Intrusion detection
Sandboxing
Vulnerability management
Scheduled vulnerability scanning
Weekly vulnerability reporting
Compliance reports (PCI, GDPR, HIPAA, DFARS)
24/7/365 SOC monitoring
SOC escalation
SOC remediation
SOC incident response
CIS20 SOC reports
Basic onboarding
Advanced onboarding
Plan 1 Plan 2 Plan 3
SIEM Sensor Placement
[Diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Cloud connector and Windows and Linux Agents Placement
[Diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server, MS Office 365 and other cloud collectors, inSOC Data Processor (DP) and Security Sensor]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Vulnerability Management Deployment
[Diagram labels: Network Sensor, Internet, Firewall, Router, Firewall, Switch, Management Port, Listener Port, Phones, PCs, Server, Company Website, Firewall, External Scanner, Virtual NIC, VASE (Virtual Appliance Scan Engine), MS Office 365 and other cloud collectors, inSOC Data Processor (DP) and Security Sensor]
Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
Not just tools
Tools without a security framework in place are not enough on their own.
We provide an advanced onboarding to harden environments to a set standard
Our wraparound SOC team is led by highly qualified security professionals including CISSPs and CCIEs, to ensure best-in-class delivery 24/7/365
And we base everything on the NIST Cybersecurity Framework
NIST 800 cybersecurity framework
A proven and trusted security foundation
Asset Management
Business Environment
Governance
Risk Assessment
Risk Management Strategy
Recovery Planning
Improvements
Communications
Resilience
Access Control
Awareness & Training
Data Security
Information Protection Processes & Procedures
Maintenance
Protective Technology
Anomalies & Events
Security Continuous Monitoring
Detection Alert Process
Response Planning
Communications
Analysis
Mitigation
Improvements
800-171 COMPLIANCE
Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations from intrusion, and business data from theft.
inSOC’s tools and processes are centred around the NIST 800 Cybersecurity framework and the Centre for Internet Security’s Top 20 Critical Security Controls. The implementation of this known and trusted security framework significantly reduces the risk of breach in the first place, minimising alert noise and pinpointing true threats proactively and reactively.
Implementation of the Top 6 CIS Critical Security controls could have prevented 85% of all cyber breaches
Implementation of the Top 20 CIS Critical Security controls increases prevention to 95%
CIS Top 20 Critical Security Controls v7 Prioritized NSA Rank
CSC1 Inventory and Control of Hardware Assets VERY HIGH
CSC2 Inventory and Control of Software Assets VERY HIGH
CSC3 Continuous Vulnerability Management VERY HIGH
CSC4 Controlled Use of Administrative Privileges VERY HIGH
CSC5 Secure Configuration for Hardware and Software on Mobile Devices HIGH
CSC6 Maintenance, Monitoring and Analysis of Audit Logs HIGH
CSC7 Email and Web Browser Protections HIGH / MEDIUM
CSC8 Malware Defenses HIGH / MEDIUM
CSC9 Limitation and Control of Network Ports, Protocols, and Services HIGH / MEDIUM
CSC10 Data Recovery Capabilities HIGH / MEDIUM
CSC11 Secure Configuration for Network Devices, Such as Firewalls, Routers and Switches HIGH / MEDIUM
CSC12 Boundary Defense MEDIUM
CSC13 Data Protection MEDIUM
CSC14 Controlled Access Based on the Need to Know MEDIUM
CSC15 Wireless Access Control MEDIUM
CSC16 Account Monitoring and Control MEDIUM
CSC17 Implement a Security Awareness and Training Program MEDIUM
CSC18 Application Software Security MEDIUM / LOW
CSC19 Incident Response and Management LOW
Next Gen SIEM
Exploitation (Critical/Anomalous)
Reconnaissance (Critical/Anomalous)
Delivery (Critical/Anomalous)
Installation (Critical/Anomalous)
Command & Control (Critical/Anomalous)
Actions & Exfiltration (Critical/Anomalous)
AI-based correlation
Kill chain aligned to MITRE
Reduces alert noise
Unveil attack story
Vulnerability Management
SCAP compliant vulnerability management system
Weekly scans to comply with CSC 3
PCI certified reports
All devices scanned and remediation recommendations provided from NIST databank
Advanced onboarding
Proactive hardening and tuning to protect your customer networks from the beginning
Dedicated CISSP resource
Installation assistance
Tune the environment to cut alert noise
Align with the NIST and CIS recognised cybersecurity frameworks
Weekly progress review
30-45 days to completion
Hardening The Environment
Benchmarks
• Base on established security frameworks
• We recommend the Center for Internet Security
• Windows OS benchmark is 1200+ pages
• Subscription to CIS for preconfigured GPO scripts
Playbooks
• Create benchmark playbooks to manage hardening tasks consistently
• Base playbooks on established security frameworks and benchmarks
• Capture audit ready evidence and attach to playbook
• Manage tasks and dependent projects
Change Control
• Manage any hardening initiative with a standard change control methodology
• Beta testing, user acceptance testing, release
Basic Security Policies
Acceptable Use
Asset Management
Approved Remote Access Method
Approved Cloud Storage & Applications
Change Control Policy
• Password policies
• Screen locking policies
• Non-disclosure agreements and policy agreement forms
• Data encryption
• #1 cause of malware and ransomware
• Approved hardware and software assets only
• Personal devices should be segregated to a guest network
• What geographies need to communicate inbound to client production systems and data?
• Providers should be SOC or ISO compliant
• Data should be backed up and recoverable
• Data loss prevention
• MFA & SSO
• Manage change
• Communicate
• Triage issues
• Review and improve the process
Reporting
Monthly risk assessment reporting to monitor and manage your risk score
Weekly vulnerability reporting
Regulatory and compliance reporting available from our CISSP team
Monthly reporting compiled by our CISSP team
Cybersecurity consulting services
Incident response
Penetration testing
Team of CISSPs acting as your company
We partner to provide vCISO services for your clients
Security Maturity Level Assessments – ‘foot in the door’
Regulatory and compliance requirements
vCISO service enables you to get started selling cybersecurity now


inSOC Sales Deck Dec 2020.pdf

  • 1. Hannah Lloyd VP Channel Sales Introduction
  • 2. Who are inSOC? 2 Award-winning team of industry veterans from a diverse MSP, vendor and security background, inSOC has one simple mission … … to bring enterprise- grade, framework-driven security practices and tools to MSPs and MSSPs at an SME friendly price point
  • 3. Having spoken with solution providers of all sizes and maturity levels, inSOC recognised that they were often frustrated with the lack of enterprise grade cybersecurity solutions available to them that would protect their clients at a reasonable price point. 3 Market Need
  • 4. The problem It is difficult to have full visibility of vulnerable points on the network without a complete monitoring solution. How would you know if a bad actor logged into your email from a computer in Russia? How would you know if a server was under attack or already breached? How would you know if a personally owned computer was attacking the network from the inside? The security conversation 4 Cyber risks are difficult to see and quantify and can be expensive to manage
  • 5. Key problems People Data Toolset • Difficult and expensive to have experts in each tool internally • Security experts are hard to find and hire • The right people are expensive 5 • Either not all points of the network are being monitored leaving devices and systems vulnerable and in the unknown • Or too many alerts are being generated • Data is not correlated and critical alerts are difficult to pinpoint • Tools with the right capabilities come with enterprise price tags • Tools are disparate and difficult to manage • Without the right guidance and support it is a large burden on an existing team to learn and take alerts from a new tool
  • 6. The solution In response to this challenge, inSOC has developed a layered security solution comprised of enterprise grade tool sets, framework-driven onboarding and escalation processes and a team of highly qualified security professionals that have eyes on glass 24/7/365. All at a fixed monthly cost 6
  • 7. Made for MSPs and MSSPs 7 All inclusive pricing structures Mix and match offerings Flexible contract lengths Sales enablement Minimal operational overhead MSSP Accelerator self paced training Advanced cybersecurity certification leading to SSAE 19 certification
  • 8. 8 Kickstart your security practice with MSSP Accelerator MSSP Accelerator program is designed to fast track the MSP's security practice and unlock the potential revenue streams available by delivering enterprise- grade security services, via a self-paced online course and sales enablement. Take it to the next level with SSAE 19 Certification The Accelerator program can then lead to SSAE-19 certification underlining your value and enabling you to establish yourself as a leader in the field. SSAE 19 is a consultancy led certification program, taking a minimum 12 months to complete.
  • 9. How it works A multi layered solution, comprising of next gen tools, monitoring services and CISSPs Next Gen SIEM Comprising of a hardware appliance to monitor all network traffic, deep packet inspection, intrusion detection, windows log monitoring and cloud API to monitor M365, AWS and Azure Powered by Vulnerability Management SCAP compliant vulnerability management system deployed to scan the entire network on a weekly basis, providing PCI certified reports. Powered by Wraparound SOC team who monitor the kill chain in real time, 24/7/365 days a year. SOC Monitoring 9
  • 10. 10 Vulnerability management Cloud and device monitoring Vulnerability management + cloud and device monitoring Essential Power Premium MSP Protect Vulnerability management with scheduled scans and weekly reporting Windows and Linux agent- based monitoring with API integration for cloud environments Vulnerability management with scheduled scans and weekly reports + Windows and Linux agent-based monitoring with API integration for cloud environments NFR package for MSP internal use only Agent-based SIEM for servers and workstations Cloud SIEM (O365/Gsuite/AWS & Azure Active Directory Network deep packet inspection Intrusion detection Sandboxing Vulnerability management Scheduled vulnerability scanning Weekly vulnerability reporting Compliance reports (PCI, GDPR, HIPAA, DFARS) 24/7/365 SOC monitoring SOC escalation SOC remediation SOC incident response CIS20 SOC reports Basic onboarding Advanced onboarding Plan 1 PLAN COMPARISON Plan 2 Plan 3 10
  • 11. SIEM Sensor Placement 11 Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP)
  • 12. Cloud connector and Windows and Linux Agents Placement 12 Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP) MS Office 365 and other cloud collectors inSOC Data Processor (DP) and Security Sensor
  • 13. 13 Vulnerability Managemen t Deployment Network Sensor Internet Firewall Router Firewall Switch Management Port Listener Port Phone PC Phone PC Phone PC Phone PC Server Company Website Firewall External Scanner Virtual NIC VASE Virtual Appliance Scan Engine Network traffic including HTTP & FTP sent to inSOC security sensor hosted on Data Processor (DP) MS Office 365 and other cloud collectors inSOC Data Processor (DP) and Security Sensor
  • 14. Not just tools. Tools without a security framework in place are not enough on their own. We provide an advanced onboarding to harden environments to a set standard. Our wraparound SOC team is led by highly qualified security professionals, including CISSPs and CCIEs, to ensure best-in-class delivery 24/7/365. And we base everything on the NIST Cybersecurity Framework.
  • 15. NIST 800 cybersecurity framework: a proven and trusted security foundation. Framework categories shown: Asset Management, Business Environment, Governance, Risk Assessment, Risk Management Strategy; Recovery Planning, Improvements, Communications, Resilience; Access Control, Awareness & Training, Data Security, Information Protection Processes & Procedures, Maintenance, Protective Technology; Anomalies & Events, Security Continuous Monitoring, Detection Alert Process; Response Planning, Communications, Analysis, Mitigation, Improvements. 800-171 compliance: protecting Controlled Unclassified Information in Non-Federal Systems and Organizations from intrusion, and business data from theft. inSOC’s tools and processes are centred around the NIST 800 Cybersecurity framework and the Center for Internet Security’s Top 20 Critical Security Controls. The implementation of this known and trusted security framework significantly reduces the risk of breach in the first place, minimising alert noise and pinpointing true threats proactively and reactively.
  • 16. Implementation of the Top 6 CIS Critical Security Controls could have prevented 85% of all cyber breaches. Implementation of the Top 20 CIS Critical Security Controls increases prevention to 95%. CIS Top 20 Critical Security Controls v7, with prioritized NSA rank: CSC1 Inventory and Control of Hardware Assets (VERY HIGH); CSC2 Inventory and Control of Software Assets (VERY HIGH); CSC3 Continuous Vulnerability Management (VERY HIGH); CSC4 Controlled Use of Administrative Privileges (VERY HIGH); CSC5 Secure Configuration for Hardware and Software on Mobile Devices (HIGH); CSC6 Maintenance, Monitoring and Analysis of Audit Logs (HIGH); CSC7 Email and Web Browser Protections (HIGH / MEDIUM); CSC8 Malware Defenses (HIGH / MEDIUM); CSC9 Limitation and Control of Network Ports, Protocols, and Services (HIGH / MEDIUM); CSC10 Data Recovery Capabilities (HIGH / MEDIUM); CSC11 Secure Configuration for Network Devices, Such as Firewalls, Routers and Switches (HIGH / MEDIUM); CSC12 Boundary Defense (MEDIUM); CSC13 Data Protection (MEDIUM); CSC14 Controlled Access Based on the Need to Know (MEDIUM); CSC15 Wireless Access Control (MEDIUM); CSC16 Account Monitoring and Control (MEDIUM); CSC17 Implement a Security Awareness and Training Program (MEDIUM); CSC18 Application Software Security (MEDIUM / LOW); CSC19 Incident Response and Management (LOW).
  • 17. Next Gen SIEM. Kill chain stages, each flagged Critical/Anomalous: Reconnaissance, Delivery, Exploitation, Installation, Command & Control, Actions & Exfiltration. AI-based correlation. Kill chain aligned to MITRE. Reduces alert noise. Unveil attack story.
  • 18. Vulnerability Management. Powered by SCAP compliant vulnerability management system. Weekly scans to comply with CSC 3. PCI certified reports. All devices scanned and remediation recommendations provided from NIST databank.
  • 19. Advanced onboarding. Proactive hardening and tuning to protect your customer networks from the beginning. Dedicated CISSP resource. Installation assistance. Tune the environment to cut alert noise. Align with the NIST and CIS recognised cybersecurity frameworks. Weekly progress review. 30-45 days to completion.
  • 20. Hardening The Environment. Benchmarks: base on established security frameworks; we recommend the Center for Internet Security; Windows OS benchmark is 1200+ pages; subscription to CIS for preconfigured GPO scripts. Playbooks: create benchmark playbooks to manage hardening tasks consistently; base playbooks on established security frameworks and benchmarks; capture audit ready evidence and attach to playbook; manage tasks and dependent projects. Change Control: manage any hardening initiative with a standard change control methodology; beta testing, user acceptance testing, release.
  • 21. Basic Security Policies. Policy areas: Acceptable Use; Asset Management; Approved Remote Access Method; Approved Cloud Storage & Applications; Change Control Policy. Points covered: password policies; screen locking policies; non-disclosure agreements and policy agreement forms; data encryption; #1 cause of malware and ransomware; approved hardware and software assets only; personal devices should be segregated to a guest network; what geographies need to communicate inbound to client production systems and data?; providers should be SOC or ISO compliant; data should be backed up and recoverable; data loss prevention; MFA & SSO; manage change; communicate; triage issues; review and improve the process.
  • 22. Reporting. Monthly risk assessment reporting to monitor and manage your risk score. Weekly vulnerability reporting. Regulatory and compliance reporting available from our CISSP team. Monthly reporting compiled by our CISSP team.
  • 26. Cybersecurity consulting services. Incident response. Penetration testing. Team of CISSPs acting as your company. We partner to provide vCISO services for your clients. Security Maturity Level Assessments (‘foot in the door’). Regulatory and compliance requirements. vCISO service enables you to get started selling cybersecurity now.