With cybersecurity threats continuing to grow faster than security budgets, CISOs, CIOs and SecOps teams are left at a dangerous disadvantage. Even enterprises running their own Security Operations Centers (SOCs) find the perennial shortage of skills, tools, and other resources stops them from realizing the full value of investments. Rather than struggle to find – and hang on to – top talent with hands-on experience across network and cloud security, mid-sized enterprises are instead opting for SOC-as-a-Service offerings.

1. Netenrich SOC as-a-Service
a zero- intervention platform for threat detection and
response.
AI-driven, human-led.
©2020 Netenrich, Inc. All rights reserved.

2. SOC and Business Alignment
©2020 Netenrich, Inc. All rights reserved. 2
Source: Improving the Effectiveness of the Security Operations Center, Ponemon Institute 2019,

3. Why Not Aligned? Challenges
Private and confidential © Netenrich, Inc. 3
Skilled people
Tooling
Automation
Source: Improving the Effectiveness of the Security Operations Center, Ponemon Institute 2019,

4. SOC Comes with SIEM Challenges
Private and confidential © Netenrich, Inc. 4
A good security analyst can investigate
15 suspicious alerts per
day
to discover 1 or 2 actionable alerts per shift
 Throwing people at alert volume = a high
ops cost
 Alert fatigue
 Strained Security Ops
PEOPLE
Base use cases create a flood of alerts with
1,000+ suspicious
events
per 50M log events per day
 Lacking context
 Emerging threats go undetected
 Event investigation workflows are largely
manual
PROCES
S
An average enterprise uses
32 different security
vendors
 Siloed products
 Teams lack real time threat intel
 Multi-vendor environment makes
compliance complicated
TECHNOLOG
Y

5. SOCaaS Helping Security Evolve
Private and confidential © Netenrich, Inc. 5
STAGE 3
 Mature asset assessment
 Asset prioritization
 Repeatable security
framework
 Routine security
engagements
 Improved metrics, reporting
 Basic security logging
STAGE 4
 Mature IR plan with routine testing
 Proactive analysis of log data
 Automation for security operations
 Device and services hardening
 Mature runbook, process plan
 Real-time threat Intelligence
 Actionable recommendations
Customer maturity scale
24 X 7 security
monitoring
24 X 7 incident escalation with
remediation guidelines
Threat
intelligence
Compliance
reporting
Network flow behavior
analytics
User behavior
analytics
Insider threat
monitoring
Log management – 1
year
External security
assessments
Vulnerability
assessments
Web application
scanning
PCI DSS ASV
scanning
Penetration
testing
STAGE 1
 Reactive culture
 Product-based solutions
 Focus on simple perimeter
defense
 No visibility
 Absence of KB, metrics,
reporting
 Project backlog
STAGE 2
 Additional Tools (IDS/IPS,
AV) for detection and
prevention
 Basic reporting, visibility
 Creation of security policies
Services Delivered

6. Unique Value Addresses Pain Points
©2020 Netenrich, Inc. All rights reserved. 6
Deep context
w/ proprietary
intel
Dedicated
team of
experts
Enhanced
automated
analysis
Built in
models/use
cases
Custom
collector &
log retention
Source: Improving the Effectiveness of the Security Operations Center, Ponemon Institute 2019,

7. SOCaaS Architecture
Private and confidential © Netenrich, Inc. 7
Netenrich Security PlatformSIEM set-up
Level 2: Threat intel on in-built QRadar alerts
 24 X 7 security monitoring and incident
response
 Skilled SOC Analysts
 Threat intelligence
 Standardized Delivery Model
 Custom Dashboard & Widgets
 Tailored Reporting + Alerts
 Periodic Maturity Assessments
Qualified security incidents with
remediation guidelines
CSIRT
PROBLEM
SOLVERS
Custom Built Log Collector
 Custom Shipper
 Extended Security Monitoring
 Provides EPS Reduction
 Proprietary Connectors
 Rapid Onboarding Framework
 Direct ingestion of Logs to Cloud collectors
IP enhanced IBM QRadar implementation
 Proprietary Integration
 AI Based Analysis & Filtering
 Custom Business Context Use cases
 AI Augmented Actionable Alerts
 False Positive Reduction
 Log Retention
2 way - Incident
Automation
SinglePaneofGlasswithStandardizedDashboard
Level 1: Eradication of false positives
On-prem | Cloud | Custom Application Support
Netenrich SOC
Client’s ITSM solution

8. ©2020 Netenrich, Inc. All rights reserved. 8

9. ©2020 Netenrich, Inc. All rights reserved. 9

10. ©2020 Netenrich, Inc. All rights reserved. 10

11. ©2020 Netenrich, Inc. All rights reserved. 11

12. ©2020 Netenrich, Inc. All rights reserved. 12

13. ©2020 Netenrich, Inc. All rights reserved. 13

14. ©2020 Netenrich, Inc. All rights reserved. 14

15. ©2020 Netenrich, Inc. All rights reserved. 15

16. ©2020 Netenrich, Inc. All rights reserved. 16

17. 150+ clients
5000+ devices
30k+ EPS
SUSPICIOUS EVENTS
Low Level Alerts- e.g.: Port Scan
ACTIONABLE SECURITY EVENTS PER DAY
Very High-Level Alerts Investigated by SOC Analyst
EVENTS THAT TRIGGER REVIEW
High-Level Alerts- SOC Analyst
ATTACKS FROM ABUSIVE ATTACKERS
Mid-Level Alerts Correlated with Database
Filter Out Lower
Priority Events
Correlate Criticality
of Attacks
Advanced Correlation Content
& Threat Intelligence
Apply Content Rules &
SOC Analysts Investigate
250,000
5,000
25 - 50
2-5
100 Million Security Events
Monitored Per Day
Netenrich SOC – Technical Metrics

18. SOCaaS Enabling Your Team
©2020 Netenrich, Inc. All rights reserved. 18
Source: Improving the Effectiveness of the Security Operations Center, Ponemon Institute 2019,

19. Cost vs Outcomes
©2020 Netenrich, Inc. All rights reserved. 19
Requirements
40% reduction in EPS
50% faster onboarding
35% reduction in SOC cost
Enhanced detection
Elastic consumption (data
management)
Only contract the business
outcomes you need

20. Realign with the Business
©2020 Netenrich, Inc. All rights reserved. 20
Enable your people
Bridge skills gaps
Decrease risk while reducing cost
Optimize consumption
Drive outcomes

21. Hotel Chain Operating 13,063 Rooms Across 80
Locations in 7 Countries
Private and confidential © Netenrich, Inc. 21
STANDARD SERVICE LEVEL | MANAGED SECURITY SERVICES
250+Onboarded 250+ devices in
less than 15 business days
30+Custom use cases built per
customer needs
40%Reduction in false positives by
our AIOps engine
Integrated with AWS and
Azure native security solutions
Ingested customers’ threat
feeds into Netenrich Security
Integration with problem
management workflows for
faster remediation

22. Let’s Engage!
©2020 Netenrich, Inc. All rights reserved. 22
Thank you!Our Cybersec Strength
• 150+ Managed Security
Services customers
• 100+ best-in-class security
specialists
• 60+ R&D folks for Security
products
• 3 global delivery centers
www.netenrich.com