Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Learn how open source threat intelligence can be used to defend against cyber-attacks. Join our webinar on August 4th.


Redscan Managed SOC

Redscan’s Managed SOC is an outsourced service designed to help organisations of all sizes improve their ability to detect and respond to threats at a fraction of the price of building a SOC in-house.

Our CREST accredited, UK-based SOC consists of security analysts, engineers, threat researchers and incident responders who work as a virtual extension of our customers’ in-house teams, managing and monitoring the latest detection technologies to hunt for and eliminate threats in their infancy, 24/7/365.

SOC Definition

What is a SOC?

A Security Operations Centre (SOC) is a facility that houses a dedicated team responsible for maintaining and improving an organisation’s cyber security. A SOC or CSOC is equipped with a range of security technologies which are used by the personnel that work within them to help prevent, detect and respond to cyber threats.

Developing a SOC capability should be a priority for any organisation seeking to elevate its cyber maturity. As threats evolve to bypass traditional signature-based defences, organisations must improve their ability to prevent, detect and respond to them. A Cyber Security Operations Centre provides the capability organisations need, 24/7.

SOC Personnel

SOC personnel typically include:

  • A SOC Manager
  • Security Analysts
  • Security Engineers
  • Incident Responders


The challenges of operating an in-house SOC

One of the main challenges businesses face when seeking to make improvements to cyber security is overcoming the vast expense associated with building and maintaining an in-house CSOC operation.

Implementing the latest technologies and monitoring them 24/7 is costly, compounded by the fact that the qualified security experts needed to carry out day-to-day operations are in short supply and therefore expensive to recruit and retain.

An infected endpoint being isolated from a network

Discuss your SOC requirements

Get in touch
A person choosing from a range of Managed Security Services

Managed SOC

Why consider a Managed SOC service?

To reduce the strain on already stretched IT teams, many organisations are turning to managed SOC services to meet their security needs. Acting as a virtual extension of in-house resources, a managed CSOC relieves organisations of the responsibility of managing security day-to-day.
Key functions a Managed SOC undertakes includes:

• Technology deployment and management
• Incident prevention
• Security event monitoring
• Alert analysis and investigation
• Threat intelligence management


Managed SOC FAQs

What does SOC stand for?

SOC in cyber security stands for Security Operations Centre – a specialist facility that includes the people, technology and threat intelligence organisations need to monitor and improve their cyber security posture. A SOC is sometimes referred to as a CSOC (Cyber Security Operations Centre) – the terms are largely synonymous.

What does a SOC do?

A SOC is made up of security analysts, engineers and responders tasked with preventing, detecting, responding to and remediating cyber threats around-the-clock. SOCs are typically responsible for activities such as system deployment and management, log management and monitoring, incident investigation and triage, vulnerability management and compliance reporting.

What is a SOC analyst?

A SOC analyst is a cyber security professional who works as part of the team responsible for monitoring IT infrastructure to identify security weaknesses and detect and respond to threats. Check out the latest SOC Analyst, Junior SOC Analyst and Senior SOC Analyst roles on our website.

What is the difference between SOC and NOC?

A Network Operations Centre (NOC) is responsible for maintaining and monitoring IT systems and preventing network interruption and downtime. A NOC isn’t responsible for cyber security, which is the traditional remit of a Security Operations Centre (SOC).

What makes a good SOC?

The three pillars of a successful SOC are people, process and technology. A good Security Operations Centre will be made up of a team of experts who manage and monitor threat detection technologies around the clock, using advanced analytics, integrated intelligence and custom automation processes to provide continuous threat detection and response.

What are the tools used in a SOC?

The tools used in a SOC will vary from one environment to another, but the one essential purpose they share is data collection. To identify threats, a SOC needs a vast amount of telemetry and event data to be collated, analysed, contextualised and enriched. SOC tools could include SIEM, IDS, EDR, UEBA, NTA, vulnerability scanning and behavioural monitoring technologies.

What should a SOC monitor?

A SOC should use a number of different technologies to help identify threats across an organisation’s complete IT environment. SOC tools should monitor network traffic, event logs and endpoint activity. Security experts can then collate and analyse this information and use it to identify threats and shut them down before they cause damage and disruption.

How do you implement a SOC?

Building and implementing a SOC is far from an overnight process. It requires an extensive period of design and strategy planning, in which SOC processes are created and training is undertaken.

The work isn’t over after implementation – SOC use cases need to be developed and the facility has to be maintained and developed over time. For any organisation lacking the resources to build and staff 24/7 operation, a managed SOC is a cost-effective option to help bridge the gap.

What is a managed SOC?

A managed SOC, sometimes referred to as SOC as-a-service, is an outsourced security service that provides organisations with a SOC capability for a cost-effective subscription. A managed SOC works as a virtual extension of in-house resources to deploy and manage security technologies, monitor and triage alerts, analyse and investigate threats and support incident response. SOC services take many different forms, including a fully Outsourced SOC, Virtual SOC or Co-managed SOC, where responsibilities are split between the buyer and service provider.

How much does a SOC cost?

As you might expect, the cost of a SOC varies significantly from organisation to organisation. Implementing the latest technologies and monitoring them 24/7 is costly, and the certified security experts needed to carry out day-to-day operations don’t come cheap. Even for a medium-sized business, costs can quickly escalate into the millions, with recent research from the Ponemon Institute suggesting an average annual spend of over £2.5 million. Outsourcing the SOC function should yield significant cost-savings – for many organisations the subscription fee will be lower than the equivalent cost of hiring just a small team of analysts to cover a 24/7 shift rota.


Why choose Redscan’s CREST-accredited CSOC to protect your business?

When you outsource your SOC requirements to Redscan, you gain ongoing personalised support and advice through our world-class security operations centre. This includes:

Fully certified experts

Our experienced CSOC team of security analysts, engineers and researchers are accredited to the highest professional standards.

Cutting-edge detection technology

Our CSOC personnel are trained to apply a wide range of security technologies, allowing us to integrate with your existing systems or help you choose the most appropriate for your needs.

Advanced security analytics

Our SOC team analyse, triage and prioritise alerts generated by your organisation’s underlying security technologies, only communicating those which require your attention.

Key certifications

Our SOC holds CREST accreditation and complies with key quality standards such as ISO 9001 and ISO 27001.

Integrated intelligence

We aggregate threat intelligence from a range of external sources and combine this with internal cyber research from Redscan Labs to ensure our customers are protected against the latest threats.

Swift incident response

Our experience of managing critical security incidents means we are highly knowledgeable about how to respond to breaches and minimise the disruption attacks can cause.


CyberOps is the threat management platform our SOC experts use to notify your in-house security team of incidents and supply the actionable mitigation guidance they need to respond quickly and effectively.

Stakeholder reporting

Our custom-produced reports provide clear and actionable security intelligence, with prioritised remedial actions which will help you solve complex security issues and improve organisational understanding of the threats you face.

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy


Discover our latest content and resources

From the blog
From the blog Case studies Latest news
13th July 2020
‘123456’ still the most popular online password

An analysis of over a billion breached credentials has revealed that one in every 142 people uses the password '123456', increasing their vulnerability to hackers.

7th July 2020
Significant rise in volume and size of fines for data breaches predicted
A new study has suggested that the number and value of fines for data breaches will increase dramatically between now and 2025. This is thought to be because employees have access to more data than ever before.
26th June 2020
One million phishing scams reported to NCSC in just two months
The UK’s National Cyber Security Centre (NCSC) has received one million reports of scam emails since launching its new reporting service in April. More than half of online scams reported were fake cryptocurrency investment lures.