Standard security controls like firewalls, anti-virus and IAM are essential, but aren’t 100% effective or reliable. Cysiv SOC-as-a-Service complements these, and helps further reduce the risk of a damaging data breach or service disruption, while ensuring compliance.
We use our advanced, two-stage threat detection engine and a blend of techniques to weed out false positives and identify true threats—the ones that warrant deeper human investigation.
Our experts investigate these threats and escalate the confirmed incidents to you, in accordance with your service level agreement, and following the preferred escalation procedure.
Human-led threat hunting exercises augment the automated threat detection process.
These exercises are prioritized based on your company profile, critical assets, prevalent threat actors, current threat intelligence, high risk TTPs, and other input you provide. Malicious findings are escalated to you.
Based on the nature of the security incident, we can actively take pre-approved containment and remediation measures, or provide this guidance to you.
We also recommend policy or security control changes to prevent similar security incidents from arising.
Cysiv SOC-as-a-Service detects and responds to threats that you need to be concerned about, including:
Cysiv SOC-as-a-Service combines the essential elements of a modern, 24/7 security operations center, and delivers them as a service, with simple, predictable and flexible subscription options and monthly billing.
Data: We get a complete and accurate view of threats across your entire IT environment by leveraging the full detection value of telemetry and data from a broad range of important sources, not just endpoints.
Technology: Our cloud-native next-gen SIEM platform processes all this data to identify true threats that warrant deeper investigation, while weeding out more than 85% of false positives.
People: Our team of experts then investigate these threats and escalate them to you, or take action on your behalf. Cysiv experts operate as a seamless, highly collaborative and directly accessible extension to your team.
Full access to Cysiv Command
Log management and tiered data storage
31-day search / 365-day retention
Raw telemetry collection
Curated threat intelligence
Service health monitoring (data ingestion)
"Eyes-on-glass" security monitoring
Threat triage
Incident investigation by SOC analyst
Incident escalation (alert / notification)
Human-led threat hunting
Advanced behavioral detections (TTPs, anomalies)
Recommended remediations
Active Response: Disrupt & contain threats in real-time
Data onboarding and integration
Customized playbooks
Tailored runbooks and escalation procedures
"State-of-your-Service" reports & meetings
Cysiv delivers the outcomes that are important to you.
Grocery delivery service
Scheduling platform
Global payments network
Uranium & nuclear fuel
Chemical / Manufacturing
Specialty vehicles
Fortune 100
Software & technology
Automotive parts
© 2022. All rights reserved. Cysiv and the Cysiv Logo are trademarks of Cysiv, Inc. Other marks and names are trademarks or registered trademarks of their respective owners.