Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy

Overview

Redscan Managed SOC Services

Redscan’s Managed SOC and Co-Managed SOC are outsourced services designed to help organisations of all sizes improve their ability to detect and respond to threats at a fraction of the price of building a SOC in-house.

Our CREST accredited, UK-based SOC consists of security analysts, engineers, threat researchers and incident responders who work as a virtual extension of our customers’ in-house teams, managing and monitoring the latest detection technologies to hunt for and eliminate threats in their infancy, 24/7/365.

SOC Definition

What is a SOC?

A Security Operations Centre (SOC) is a facility that houses a dedicated team responsible for maintaining and improving an organisation’s cyber security. A SOC or CSOC is equipped with a range of security technologies which are used by the personnel that work within them to help prevent, detect and respond to cyber threats.

Developing a SOC capability should be a priority for any organisation seeking to elevate its cyber maturity. As threats evolve to bypass traditional signature-based defences, organisations must improve their ability to prevent, detect and respond to them. A Cyber Security Operations Centre provides the capability organisations need, 24/7.

SOC Personnel

SOC personnel typically include:

  • A SOC Manager
  • Security Analysts
  • Security Engineers
  • Incident Responders

Challenges

The challenges of operating an in-house SOC

One of the main challenges businesses face when seeking to make improvements to cyber security is overcoming the vast expense associated with building and maintaining an in-house CSOC operation.

Implementing the latest technologies and monitoring them 24/7 is costly, compounded by the fact that the qualified security experts needed to carry out day-to-day operations are in short supply and therefore expensive to recruit and retain.

An infected endpoint being isolated from a network

Discuss your SOC requirements

Get in touch

A person choosing from a range of Managed Security Services

Managed SOC

Why consider a Managed SOC service?

To reduce the strain on already stretched IT teams, many organisations are turning to managed SOC or co-managed SOC services to meet their security needs. Acting as a virtual extension of in-house resources, a managed CSOC relieves organisations of the responsibility of managing security day-to-day.
Key functions a Managed SOC undertakes includes:

• Technology deployment and management
• Incident prevention
• Security event monitoring
• Alert analysis and investigation
• Threat intelligence management

SOC FAQ

Managed SOC FAQs

What does SOC stand for?

SOC in cyber security stands for Security Operations Centre – a specialist facility that includes the people, technology and threat intelligence organisations need to monitor and improve their cyber security posture. A SOC is sometimes referred to as a CSOC (Cyber Security Operations Centre) – the terms are largely synonymous.

What does a SOC do?

A SOC is made up of security analysts, engineers and responders tasked with preventing, detecting, responding to and remediating cyber threats around-the-clock. SOCs are typically responsible for activities such as system deployment and management, log management and monitoring, incident investigation and triage, vulnerability management and compliance reporting.

What is a SOC analyst?

A SOC analyst is a cyber security professional who works as part of the team responsible for monitoring IT infrastructure to identify security weaknesses and detect and respond to threats. Check out the latest SOC Analyst, Junior SOC Analyst and Senior SOC Analyst roles on our website.

What is the difference between SOC and NOC?

A Network Operations Centre (NOC) is responsible for maintaining and monitoring IT systems and preventing network interruption and downtime. A NOC isn’t responsible for cyber security, which is the traditional remit of a Security Operations Centre (SOC).

What makes a good SOC?

The three pillars of a successful SOC are people, process and technology. A good Security Operations Centre will be made up of a team of experts who manage and monitor threat detection technologies around the clock, using advanced analytics, integrated intelligence and custom automation processes to provide continuous threat detection and response.

What are the tools used in a SOC?

The tools used in a SOC or co-managed SOC will vary from one environment to another, but the one essential purpose they share is data collection. To identify threats, a SOC needs a vast amount of telemetry and event data to be collated, analysed, contextualised and enriched. SOC tools could include SIEM, IDS, EDR, UEBA, NTA, vulnerability scanning and behavioural monitoring technologies.

What should a SOC monitor?

A SOC should use a number of different technologies to help identify threats across an organisation’s complete IT environment. SOC tools should monitor network traffic, event logs and endpoint activity. Security experts can then collate and analyse this information and use it to identify threats and shut them down before they cause damage and disruption.

How do you implement a SOC?

Building and implementing a SOC is far from an overnight process. It requires an extensive period of design and strategy planning, in which SOC processes are created and training is undertaken.

The work isn’t over after implementation – SOC use cases need to be developed and the facility has to be maintained and developed over time. For any organisation lacking the resources to build and staff 24/7 operation, a co-managed SOC or fully-managed SOC will prove a cost-effective option to help bridge the gap.

What is a managed SOC?

A managed SOC, sometimes referred to as SOC as-a-service, is an outsourced security service that provides organisations with a SOC capability for a cost-effective subscription. A managed SOC works as a virtual extension of in-house resources to deploy and manage security technologies, monitor and triage alerts, analyse and investigate threats and support incident response. SOC services take many different forms, including a fully Outsourced SOC, Virtual SOC or Co-managed SOC, where responsibilities are split between the buyer and service provider.

How much does a SOC cost?

As you might expect, the cost of a SOC varies significantly from organisation to organisation. Implementing the latest technologies and monitoring them 24/7 is costly, and the certified security experts needed to carry out day-to-day operations don’t come cheap. Even for a medium-sized business, costs can quickly escalate into the millions, with recent research from the Ponemon Institute suggesting an average annual spend of over £2.5 million. Outsourcing the SOC function should yield significant cost-savings – for many organisations the subscription fee will be lower than the equivalent cost of hiring just a small team of analysts to cover a 24/7 shift rota.

CREST SOC

Why choose Redscan’s CREST-accredited CSOC to protect your business?

When you outsource your SOC requirements to Redscan, you gain ongoing personalised support and advice through our world-class security operations centre. This includes:

Fully certified experts

Our experienced CSOC team of security analysts, engineers and researchers are accredited to the highest professional standards.

Cutting-edge detection technology

Our CSOC personnel are trained to apply a wide range of security technologies, allowing us to integrate with your existing systems or help you choose the most appropriate for your needs.

Advanced security analytics

Our SOC team analyse, triage and prioritise alerts generated by your organisation’s underlying security technologies, only communicating those which require your attention.

Key certifications

Our SOC holds CREST accreditation and complies with key quality standards such as ISO 9001 and ISO 27001.

Integrated intelligence

We aggregate threat intelligence from a range of external sources and combine this with internal cyber research from Redscan Labs to ensure our customers are protected against the latest threats.

Swift incident response

Our experience of managing critical security incidents means we are highly knowledgeable about how to respond to breaches and minimise the disruption attacks can cause.

CyberOps™

CyberOps is the threat management platform our SOC experts use to notify your in-house security team of incidents and supply the actionable mitigation guidance they need to respond quickly and effectively.

Stakeholder reporting

Our custom-produced reports provide clear and actionable security intelligence, with prioritised remedial actions which will help you solve complex security issues and improve organisational understanding of the threats you face.

What our customers say

4.8/5 - based on 53 Reviews
“Redscan’s security experts work hand in hand with our in-house team, providing us with the insights we need to identify and eliminate threats across our environment 24/7.
IT Security & Infrastructure Director
“Thanks to Redscan, we’re in an infinitely better place now. We have got more visibility than we ever had, and critically, in all the right places. I can now sleep easy knowing that Redscan’s expertise is protecting our business.”
Head of Technology & Cybersecurity
Housebuilding Company
“With so much organisational change, this is a time of incredible pressure on our small team. Partnering with Redscan is making it easier for us to address the security challenges of business consolidation.”
Head of IT Security
Global Plastics Manufacturer
“Redscan staff are always on hand to provide swift, clear advice. They help us keep a constant eye on our network and respond quickly to incidents to ensure systems remain operational.”
IT Director
Private Hospital
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
IT Director
Global Asset Manager
“We now know we’ve got eyes on our critical assets and that those events are being looked at, scrutinised, triaged and qualified as legitimate or false positives. That is night and day in contrast with where we were before our relationship with Redscan.”
Head of Technology & Cybersecurity
Housebuilding Company
"Redscan's cost effective service gives us peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners."
Head of IT Infrastructure
Asset Management Firm
“Faster incident alerting enables us to better understand what is going on in our network and react more quickly. From an advice side of things, it’s great to be able to talk to knowledgeable people and discuss solutions to help mitigate our security risks.”
Head of IT Security
Global Plastics Manufacturer
“With Redscan, we are able to understand and quickly identify any threats. Redscan’s support gives us the freedom to feel more secure and be more productive.”  
Head of IT
Global Shipping Company
“By working in partnership with Redscan, we have significantly improved our operational resilience.”  
Head of Cyber Security
Specialist bank
“Thanks to Redscan we now have a solution that gives us the ability to monitor, isolate and eliminate threats across our IT infrastructure.”
Head of IT
Private Hospital
“The personal approach is something I noticed from my first engagement with Redscan and it is still true today. We have 30 locations worldwide and it is valuable to have a third party being proactive in identifying potential security issues.”
Head of IT
Global Shipping Company
“Services like these are few and far between.”
Head of IT Infrastructure
Asset Management Firm
“I value the fact that Redscan aggregates insight about the cyber-attacks it sees on other customers and retrospectively applies it to other organisations, so we all benefit from that knowledge.”  
Head of Cyber Security
Specialist bank
"Our partnership with Redscan has been one of the most successful that we have ever undertaken"
IT Director
Global Asset Manager

About us

Why choose Kroll?

  • A leading global MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. 9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

Two Redscan team members analysing cyber security intelligence

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
25th March 2024
UK government finds 75% of UK businesses experienced a cyber incident in 2023
According to new figures published by the UK government, no less than three-quarters of UK businesses and 79% of charities experienced a cybersecurity incident in the past 12 months, with only limited improvements in organisations’ cybersecurity posture between 2022 and 2023.
18th March 2024
Prioritise the security of perimeter products, says NCSC
Securing perimeter products must be a priority for organisations as threat actors are increasingly targeting insecure self-hosted products at the corporate network perimeter, according to the UK's National Cyber Security Centre (NCSC).
4th March 2024
Insider threats an increasing concern for UK companies
More than half of UK business decision-makers surveyed for a new study stated that they were concerned about the likelihood of their employees being approached by cybercriminals, leading to a rise in insider threats.    
26th February 2024
78% of organisations hit by repeat ransomware attacks after paying
A new report shows that almost four in five organisations that paid a ransom demand were hit by a second ransomware attack, often by the same threat actor. Almost two-thirds (63%) of those organizations were asked to pay more the second time.