
Overview

Redscan Managed SOC Services

Redscan’s Managed SOC and Co-Managed SOC are outsourced services designed to help organisations of all sizes improve their ability to detect and respond to threats at a fraction of the price of building a SOC in-house.

Our CREST accredited, UK-based SOC consists of security analysts, engineers, threat researchers and incident responders who work as a virtual extension of our customers’ in-house teams, managing and monitoring the latest detection technologies to hunt for and eliminate threats in their infancy, 24/7/365.

SOC Definition

What is a SOC?

A Security Operations Centre (SOC) is a facility that houses a dedicated team responsible for maintaining and improving an organisation’s cyber security. A SOC or CSOC is equipped with a range of security technologies, which the personnel who work within it use to help prevent, detect and respond to cyber threats.

Developing a SOC capability should be a priority for any organisation seeking to elevate its cyber maturity. As threats evolve to bypass traditional signature-based defences, organisations must improve their ability to prevent, detect and respond to them. A Cyber Security Operations Centre provides the capability organisations need, 24/7.

SOC Personnel

SOC personnel typically include:

  • A SOC Manager
  • Security Analysts
  • Security Engineers
  • Incident Responders

Challenges

The challenges of operating an in-house SOC

One of the main challenges businesses face when seeking to make improvements to cyber security is overcoming the vast expense associated with building and maintaining an in-house CSOC operation.

Implementing the latest technologies and monitoring them 24/7 is costly, compounded by the fact that the qualified security experts needed to carry out day-to-day operations are in short supply and therefore expensive to recruit and retain.


Managed SOC

Why consider a Managed SOC service?

To reduce the strain on already stretched IT teams, many organisations are turning to managed SOC or co-managed SOC services to meet their security needs. Acting as a virtual extension of in-house resources, a managed CSOC relieves organisations of the responsibility of managing security day-to-day.

Key functions a Managed SOC undertakes include:

• Technology deployment and management
• Incident prevention
• Security event monitoring
• Alert analysis and investigation
• Threat intelligence management

SOC FAQ

Managed SOC FAQs

What does SOC stand for?

SOC in cyber security stands for Security Operations Centre – a specialist facility that includes the people, technology and threat intelligence organisations need to monitor and improve their cyber security posture. A SOC is sometimes referred to as a CSOC (Cyber Security Operations Centre) – the terms are largely synonymous.

What does a SOC do?

A SOC is made up of security analysts, engineers and responders tasked with preventing, detecting, responding to and remediating cyber threats around-the-clock. SOCs are typically responsible for activities such as system deployment and management, log management and monitoring, incident investigation and triage, vulnerability management and compliance reporting.

What is a SOC analyst?

A SOC analyst is a cyber security professional who works as part of the team responsible for monitoring IT infrastructure to identify security weaknesses and detect and respond to threats. Check out the latest SOC Analyst, Junior SOC Analyst and Senior SOC Analyst roles on our website.

What is the difference between SOC and NOC?

A Network Operations Centre (NOC) is responsible for maintaining and monitoring IT systems and preventing network interruption and downtime. A NOC isn’t responsible for cyber security, which is the traditional remit of a Security Operations Centre (SOC).

What makes a good SOC?

The three pillars of a successful SOC are people, process and technology. A good Security Operations Centre will be made up of a team of experts who manage and monitor threat detection technologies around the clock, using advanced analytics, integrated intelligence and custom automation processes to provide continuous threat detection and response.

What are the tools used in a SOC?

The tools used in a SOC or co-managed SOC will vary from one environment to another, but the one essential purpose they share is data collection. To identify threats, a SOC needs a vast amount of telemetry and event data to be collated, analysed, contextualised and enriched. SOC tools could include SIEM, IDS, EDR, UEBA, NTA, vulnerability scanning and behavioural monitoring technologies.

What should a SOC monitor?

A SOC should use a number of different technologies to help identify threats across an organisation’s complete IT environment. SOC tools should monitor network traffic, event logs and endpoint activity. Security experts can then collate and analyse this information and use it to identify threats and shut them down before they cause damage and disruption.

How do you implement a SOC?

Building and implementing a SOC is far from an overnight process. It requires an extensive period of design and strategy planning, in which SOC processes are created and training is undertaken.

The work isn’t over after implementation – SOC use cases need to be developed and the facility has to be maintained and developed over time. For any organisation lacking the resources to build and staff a 24/7 operation, a co-managed SOC or fully-managed SOC will prove a cost-effective option to help bridge the gap.

What is a managed SOC?

A managed SOC, sometimes referred to as SOC as-a-service, is an outsourced security service that provides organisations with a SOC capability for a cost-effective subscription. A managed SOC works as a virtual extension of in-house resources to deploy and manage security technologies, monitor and triage alerts, analyse and investigate threats and support incident response. SOC services take many different forms, including a fully Outsourced SOC, Virtual SOC or Co-managed SOC, where responsibilities are split between the buyer and service provider.

How much does a SOC cost?

As you might expect, the cost of a SOC varies significantly from organisation to organisation. Implementing the latest technologies and monitoring them 24/7 is costly, and the certified security experts needed to carry out day-to-day operations don’t come cheap. Even for a medium-sized business, costs can quickly escalate into the millions, with recent research from the Ponemon Institute suggesting an average annual spend of over £2.5 million. Outsourcing the SOC function should yield significant cost-savings – for many organisations the subscription fee will be lower than the equivalent cost of hiring just a small team of analysts to cover a 24/7 shift rota.

CREST SOC

Why choose Redscan’s CREST-accredited CSOC to protect your business?

When you outsource your SOC requirements to Redscan, you gain ongoing personalised support and advice through our world-class security operations centre. This includes:

Fully certified experts

Our experienced CSOC team of security analysts, engineers and researchers are accredited to the highest professional standards.

Cutting-edge detection technology

Our CSOC personnel are trained to apply a wide range of security technologies, allowing us to integrate with your existing systems or help you choose the most appropriate for your needs.

Advanced security analytics

Our SOC team analyse, triage and prioritise alerts generated by your organisation’s underlying security technologies, only communicating those which require your attention.

Key certifications

Our SOC holds CREST accreditation and complies with key quality standards such as ISO 9001 and ISO 27001.

Integrated intelligence

We aggregate threat intelligence from a range of external sources and combine this with internal cyber research from Redscan Labs to ensure our customers are protected against the latest threats.

Swift incident response

Our experience of managing critical security incidents means we are highly knowledgeable about how to respond to breaches and minimise the disruption attacks can cause.

CyberOps™

CyberOps is the threat management platform our SOC experts use to notify your in-house security team of incidents and supply the actionable mitigation guidance they need to respond quickly and effectively.

Stakeholder reporting

Our custom-produced reports provide clear and actionable security intelligence, with prioritised remedial actions which will help you solve complex security issues and improve organisational understanding of the threats you face.

What our customers say

4.8/5 - based on 44 Reviews
“With so much organisational change, this is a time of incredible pressure on our small team. Partnering with Redscan is making it easier for us to address the security challenges of business consolidation.”
Head of IT Security
IPL Plastics
“Redscan staff are always on hand to provide swift, clear advice. They help us keep a constant eye on our network and respond quickly to incidents to ensure systems remain operational.”
IT Director
King Edward VII's Hospital
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
IT Director
ICG
"Redscan's cost effective service gives us peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners."
Head of IT Infrastructure
TT International
“Faster incident alerting enables us to better understand what is going on in our network and react more quickly. From an advice side of things, it’s great to be able to talk to knowledgeable people and discuss solutions to help mitigate our security risks.”
Head of IT Security
IPL Plastics
“With Redscan, we are able to understand and quickly identify any threats. Redscan’s support gives us the freedom to feel more secure and be more productive.”  
Head of IT
Bernhard Schulte Shipmanagement
“I definitely recommend ThreatDetect. It’s an incredible managed security service. By working in partnership with Redscan, we have significantly improved our operational resilience.”  
Head of Cyber Security
Specialist bank
“Thanks to Redscan we now have a solution that gives us the ability to monitor, isolate and eliminate threats across our IT infrastructure.”
Head of IT
King Edward VII's Hospital
“The personal approach is something I noticed from my first engagement with Redscan and it is still true today. We have 30 locations worldwide and it is valuable to have a third party being proactive in identifying potential security issues.”
Head of IT
Bernhard Schulte Shipmanagement
“Services like ThreatDetect are few and far between.”
Head of IT Infrastructure
TT International
“I value the fact that Redscan aggregates insight about the cyber-attacks it sees on other customers and retrospectively applies it to other organisations, so we all benefit from that knowledge.”  
Head of Cyber Security
Specialist bank
"Our partnership with Redscan has been one of the most successful that we have ever undertaken"
IT Director
ICG

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate


Resources

Discover our latest content and resources

From the blog
23rd November 2020
A third of charities experienced a cyber-attack during the pandemic
A third of charities have suffered a cyber-attack during the coronavirus pandemic, according to new research. The most common types of threats affecting charities are phishing attacks, spear-phishing, malware and ransomware.  
16th November 2020
Human error a significant security risk for businesses during Covid-19 crisis
A new report suggests that human error has been the biggest cyber security risk for companies during the COVID-19 pandemic, affecting 80% of businesses.
3rd November 2020
NCSC: over a quarter of cyber security incidents linked to Covid-19
The latest annual review from the National Cyber Security Centre (NCSC) states that over a quarter of cyber security incidents are related to Covid-19. Key targets for threat actors during the pandemic have been identified as employees working from home and academic institutions.  
2nd November 2020
Computing Security Awards 2020: Redscan shortlisted in six categories
Redscan has been shortlisted as a finalist in six categories at the 2020 Computing Security Awards.  We’d be very grateful if you would take a moment to vote for us. Many thanks for your support!