SOC-in-a-Box combines hundreds of man-years of experience in developing the intellectual property required for blueprints for best-practice Security Operations Centre (SOC) inception and ongoing operation.
The service is intended for service providers, large enterprises, Government, and custodians of Critical Infrastructure with aspirations to build internal capability to deal with growing concerns over downtime, data loss and regulatory compliance.
With the SOC-in-a-Box, organisations can now choose earthwave to provide fully outsourced security monitoring, in-house Security Operations, or a hybrid co-sourced model.
The solution is modular and provides all components required for delivery of best-practice Security Operations, including logical, physical and human factors. Customers may choose one, many, or all modules to help complete their vision.
Following successful SOC-in-a-Box engagements, organisations can choose full self-sufficiency or engage earthwave for a co-sourced model to cover capability/resource gaps. For example, the earthwave SOC can be the DRP/BCP or take on after-hours detection and response until a client is able to scale up.
Inherent in the earthwave SOC-in-a-Box are technology solutions from HP, including the Gold Standard for SIEM, HP ArcSight. ArcSight forms part of the SIEM Solution Design and Development, Log and Event Source Management, Security Operations Development, Use Case Content Development, and Compliance Reporting deliverables.
earthwave complements the SOC-in-a-Box with Sales Enablement for service providers seeking rapid time to market, with all of the service datasheets, contracts, presentations, pricing, and ongoing sales and technical training required to address the market.
SOC-in-a-Box can also include ongoing subscriptions to 50+ global threat intelligence feeds, detection feeds, threat management content updates, portal updates and ongoing development.
The outcome derived from a SOC-in-a-Box includes comprehensive security device management, real-time threat analysis and incident response, reporting, vulnerability management, threat intelligence, security assurance and regulatory compliance, with a branded security portal.