Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Book a CREST penetration test today. Get a quote.


Redscan Managed SOC Services

Redscan’s Managed SOC is an outsourced service designed to help organisations of all sizes improve their ability to detect and respond to threats at a fraction of the price of building a SOC in-house.

Our CREST accredited, UK-based SOC consists of security analysts, engineers, threat researchers and incident responders who work as a virtual extension of our customers’ in-house teams, managing and monitoring the latest detection technologies to hunt for and eliminate threats in their infancy, 24/7/365.

SOC Definition

What is a SOC?

A Security Operations Centre (SOC) is a facility that houses a dedicated team responsible for maintaining and improving an organisation’s cyber security. A SOC or CSOC is equipped with a range of security technologies which are used by the personnel that work within them to help prevent, detect and respond to cyber threats.

Developing a SOC capability should be a priority for any organisation seeking to elevate its cyber maturity. As threats evolve to bypass traditional signature-based defences, organisations must improve their ability to prevent, detect and respond to them. A Cyber Security Operations Centre provides the capability organisations need, 24/7.

SOC Personnel

SOC personnel typically include:

  • A SOC Manager
  • Security Analysts
  • Security Engineers
  • Incident Responders


The challenges of operating an in-house SOC

One of the main challenges businesses face when seeking to make improvements to cyber security is overcoming the vast expense associated with building and maintaining an in-house CSOC operation.

Implementing the latest technologies and monitoring them 24/7 is costly, compounded by the fact that the qualified security experts needed to carry out day-to-day operations are in short supply and therefore expensive to recruit and retain.

An infected endpoint being isolated from a network

Discuss your SOC requirements

Get in touch
A person choosing from a range of Managed Security Services

Managed SOC

Why consider a Managed SOC service?

To reduce the strain on already stretched IT teams, many organisations are turning to managed SOC services to meet their security needs. Acting as a virtual extension of in-house resources, a managed CSOC relieves organisations of the responsibility of managing security day-to-day.
Key functions a Managed SOC undertakes includes:

• Technology deployment and management
• Incident prevention
• Security event monitoring
• Alert analysis and investigation
• Threat intelligence management


Managed SOC FAQs

What does SOC stand for?

SOC in cyber security stands for Security Operations Centre – a specialist facility that includes the people, technology and threat intelligence organisations need to monitor and improve their cyber security posture. A SOC is sometimes referred to as a CSOC (Cyber Security Operations Centre) – the terms are largely synonymous.

What does a SOC do?

A SOC is made up of security analysts, engineers and responders tasked with preventing, detecting, responding to and remediating cyber threats around-the-clock. SOCs are typically responsible for activities such as system deployment and management, log management and monitoring, incident investigation and triage, vulnerability management and compliance reporting.

What is a SOC analyst?

A SOC analyst is a cyber security professional who works as part of the team responsible for monitoring IT infrastructure to identify security weaknesses and detect and respond to threats. Check out the latest SOC Analyst, Junior SOC Analyst and Senior SOC Analyst roles on our website.

What is the difference between SOC and NOC?

A Network Operations Centre (NOC) is responsible for maintaining and monitoring IT systems and preventing network interruption and downtime. A NOC isn’t responsible for cyber security, which is the traditional remit of a Security Operations Centre (SOC).

What makes a good SOC?

The three pillars of a successful SOC are people, process and technology. A good Security Operations Centre will be made up of a team of experts who manage and monitor threat detection technologies around the clock, using advanced analytics, integrated intelligence and custom automation processes to provide continuous threat detection and response.

What are the tools used in a SOC?

The tools used in a SOC or co-managed SOC will vary from one environment to another, but the one essential purpose they share is data collection. To identify threats, a SOC needs a vast amount of telemetry and event data to be collated, analysed, contextualised and enriched. SOC tools could include SIEM, IDS, EDR, UEBA, NTA, vulnerability scanning and behavioural monitoring technologies.

What should a SOC monitor?

A SOC should use a number of different technologies to help identify threats across an organisation’s complete IT environment. SOC tools should monitor network traffic, event logs and endpoint activity. Security experts can then collate and analyse this information and use it to identify threats and shut them down before they cause damage and disruption.

How do you implement a SOC?

Building and implementing a SOC is far from an overnight process. It requires an extensive period of design and strategy planning, in which SOC processes are created and training is undertaken.

The work isn’t over after implementation – SOC use cases need to be developed and the facility has to be maintained and developed over time. For any organisation lacking the resources to build and staff 24/7 operation, a co-managed SOC or fully-managed SOC will prove a cost-effective option to help bridge the gap.

What is a managed SOC?

A managed SOC, sometimes referred to as SOC as-a-service, is an outsourced security service that provides organisations with a SOC capability for a cost-effective subscription. A managed SOC works as a virtual extension of in-house resources to deploy and manage security technologies, monitor and triage alerts, analyse and investigate threats and support incident response. SOC services take many different forms, including a fully Outsourced SOC, Virtual SOC or Co-managed SOC, where responsibilities are split between the buyer and service provider.

How much does a SOC cost?

As you might expect, the cost of a SOC varies significantly from organisation to organisation. Implementing the latest technologies and monitoring them 24/7 is costly, and the certified security experts needed to carry out day-to-day operations don’t come cheap. Even for a medium-sized business, costs can quickly escalate into the millions, with recent research from the Ponemon Institute suggesting an average annual spend of over £2.5 million. Outsourcing the SOC function should yield significant cost-savings – for many organisations the subscription fee will be lower than the equivalent cost of hiring just a small team of analysts to cover a 24/7 shift rota.


Why choose Redscan’s CREST-accredited CSOC to protect your business?

When you outsource your SOC requirements to Redscan, you gain ongoing personalised support and advice through our world-class security operations centre. This includes:

Fully certified experts

Our experienced CSOC team of security analysts, engineers and researchers are accredited to the highest professional standards.

Cutting-edge detection technology

Our CSOC personnel are trained to apply a wide range of security technologies, allowing us to integrate with your existing systems or help you choose the most appropriate for your needs.

Advanced security analytics

Our SOC team analyse, triage and prioritise alerts generated by your organisation’s underlying security technologies, only communicating those which require your attention.

Key certifications

Our SOC holds CREST accreditation and complies with key quality standards such as ISO 9001 and ISO 27001.

Integrated intelligence

We aggregate threat intelligence from a range of external sources and combine this with internal cyber research from Redscan Labs to ensure our customers are protected against the latest threats.

Swift incident response

Our experience of managing critical security incidents means we are highly knowledgeable about how to respond to breaches and minimise the disruption attacks can cause.


CyberOps is the threat management platform our SOC experts use to notify your in-house security team of incidents and supply the actionable mitigation guidance they need to respond quickly and effectively.

Stakeholder reporting

Our custom-produced reports provide clear and actionable security intelligence, with prioritised remedial actions which will help you solve complex security issues and improve organisational understanding of the threats you face.

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy


Discover our latest content and resources

From the blog
From the blog Case studies Latest news
15th September 2020
Significant number of remote workers use own devices to access company data
A global survey of over 13,000 remote workers has found that 39% of them use their own devices to access data belonging to their employer, often via services and applications hosted in the cloud. Many of the personal devices used to do this were identified as being less secure than corporate devices.
8th September 2020
New research suggests a quarter of company desktops lack security software
New research suggests that almost one in four (23%) of desktop computers and one in five (17%) of laptops supplied by UK employers lack security software. The research also reveals company smartphones to be as exposed to cyber security issues as desktop computers.
1st September 2020
Formal warnings issued about the rise in vishing attacks
The FBI have issued formal warnings about vishing, a new version of phishing in which cybercriminals make voice-over-IP (VoIP) calls to employees they view as vulnerable. The rise of vishing, also known as voice phishing, is thought to be due to the increase in remote working and the use of VPNs.
25th August 2020
96% of UK businesses experienced at least one major cyber-attack over the past year
Research shows that 96% of UK businesses experienced at least one significant cyber-attack over the past year with 65% of respondents stating that their operational technology (OT) had undergone an attack.