Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy
Experiencing a breach? Get emergency incident response assistance.

Overview

Supplying the notifications and insight your team needs to respond effectively

The Redscan Platform is Redscan’s proprietary customer portal. As the virtual interface between our Cyber Security Operations Centre (CSOC) and your in-house team, The Redscan Platform enables us to comprehensively monitor your environments to identify and manage security incidents, and deliver the security outcomes you need – all through a single unified platform.

CyberOps incident displayed on desktop and mobile

How it works

01. Ingestion

The Redscan Platform collects telemetry from across your environments by integrating with your assets and underlying security technologies. This data is then analysed using the latest behavioural detection engines and enriched with threat intelligence to generate alerts.

02. Analytics

Proprietray algorithms within The Redscan Platform intelligently group alerts by common attributes to create high-fidelity ‘cases’. Cases enhance contextual awareness by providing a more comprehensive view of security incidents and reduce noise.

03. Investigation

The Redscan Platform presents cases to our 24/7 Security Operations Centre experts for analysis. Cases which are validated as genuine incidents are raised for your security team with accompanying mitigation guidance.

04. Response

The Redscan Platform’s security orchestration capabilities accelerate incident response by automating threat containment and disruption in a variety of scenarios. Response actions can be also be triggered manually from within the platform.

Benefits

Technology agnostic

Whichever technologies form part of your service, The Redscan Platform ingests and aggregates all security alert information and presents it for analysis via a single pane of glass.

Alert enrichment engine

The Redscan Platform’s alert correlation and enrichment engine uses the latest threat intelligence to add greater context to alerts and help distinguish genuine incidents from false positives.

Swift incident notification

Once an alert is identified as being a true positive and raised as an incident by our SOC, The Redscan Platform generates a message to ensure that your team members are promptly notified.

Automated response actions

Integration with preventative security controls enables automated incident response actions to be triggered automatically or on demand at the click of a button.

Customisable dashboards

The Redscan Platform’s widget-based dashboards enable your users to view security information in real-time and measure key metrics to ensure service levels are being achieved.

Seamless workflow integration

Support for a range of ITSM tools enables security incidents raised via The Redscan Platform to be managed alongside tickets relating to other aspects of your organisation’s IT estate.

Workflow

Seamless workflow integration

The Redscan Platform supports integration with widely used IT service management tools, including:

thumb
thumb
thumb
thumb
thumb
thumb

Zendesk

BMC Remedy

Jira

ManageEngine

ServiceNow

Slack

Interested in learning more?

Request a demo

Our Approach

Identifying genuine security incidents out of millions of alerts

The Redscan Platform’s automated alert correlation and enrichment engine reduces the number of low value alerts generated by security tools to enable security teams to focus on the ones that really matter.

Cyberops Approach
Approach

Millions

Events observed

A turnkey technology stack collects and analyses security events across your environment and generates alerts

Hundreds

Alerts generated

Alerts are ingested into The Redscan Platform where they are enriched with the latest threat intelligence and analysed by Redscan’s SOC team

Tens

Incidents investigated

Genuine security alerts are raised as security incidents for your attention, with actionable mitigation guidance. Automated response actions help quickly contain and disrupt incidents.

Outcomes

Actionable security insight

The information you need to quickly and effectively respond to security incidents.

Risk Level

Each incident is thoroughly analysed and triaged by our SOC team to help you understand its severity.
CyberOps - Redscan’s Threat Management Platform.

Description

We supply a detailed description of the incident and investigation conducted, key supporting technical information and log data, and an assessment of its potential impact.
Managed Detection & Response - Threat notification, analytics and reporting

Remediation advice

Actionable mitigation guidance and automated response actions provide the support you need to respond quickly and effectively respond to incidents.
Remediation advice

Additional support

Should additional information or support be required, simply send us a service request.
CyberOps - Redscan’s Threat Management Platform.
Example Redscan Platform incident notification

Redscan Platform screenshots of security analytics

Security analytics

A real-time snapshot of your security status

The Redscan Platform’s customisable dashboards provide a real-time overview of your organisation’s security posture. Choose from a range of customisable widgets to view risk level trends, alarm timelines, and key activity metrics.

Kroll Responder MDR

Reducing breach detection time from months to minutes

More about Kroll Responder

Get a Redscan Platform demo

Please complete the form and our team will be in touch.

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
15th April 2024
Half of UK businesses affected by cyber-incident in the past year
According to a new report by the UK government, half of UK businesses have reported a cyber incident or data breach in the past 12 months.  
8th April 2024
Infostealers prominent in retail cyber-attacks
New research has highlighted that the use of infostealers dominated in cyber-attacks on retailers over the past year.  
2nd April 2024
Zero-day vulnerabilities soared by over 50% between 2022 and 2023
In a new report Google has revealed that the volume of zero-day vulnerabilities it detected rose by over 50% from 2022 to 2023, with bugs in third-party components on the increase.
25th March 2024
UK government finds 75% of UK businesses experienced a cyber incident in 2023
According to new figures published by the UK government, no less than three-quarters of UK businesses and 79% of charities experienced a cybersecurity incident in the past 12 months, with only limited improvements in organisations’ cybersecurity posture between 2022 and 2023.
Close

Get an MDR quote

Please fill out the form below and we'll get back
to you shortly to discuss your MDR requirements.
View our privacy policy