
Enterprise Telemetry

Cysiv SOC-as-a-Service leverages your existing data sources, from across your complete IT environment, and doesn’t mandate a specific product stack.

Security logs are an important input to the threat detection process. But alone, they’re not enough. Important signals of an attack might be picked up in an application, in enterprise infrastructure, or from cloud infrastructure. And valuable context can be derived from other related data sources.

That’s why Cysiv SOC-as-a-Service ingests, leverages and provides cloud-scale storage for a broad range of telemetry and other data sources that you’ve already invested in. This improves the quality of, and confidence in, the threats detected, and dramatically shortens dwell time, the mean time to detect (MTTD) threats, and the time to investigate and respond to them.

Cysiv SOC-as-a-Service Leverages These Sources

Security Controls

Data generated by security infrastructure and tools including:

  • Network IPS/IDS
  • Firewall
  • Endpoint protection platform
  • Server, workload, and container security
  • Web proxy
  • Email security

Infrastructure, Monitoring, and Authentication

Data used to augment security control data sources, and rich endpoint and user activity data, including:

  • Endpoint detection and response
  • Windows security / Windows process launch / Sysmon / Linux system
  • Active Directory (AD) authentication / Domain Controller / Linux auth
  • IAM / SSO
  • DHCP / Static IP
  • DNS
  • NAT / VPN / Proxy
  • Cloud audit trail
  • Network metadata

Enrichment Sources

Identity, asset, vulnerability, and threat intelligence data that illuminates security context and impact during an investigation:

  • Active Directory object properties / LDAP
  • Asset inventory and classification / Configuration and patch management
  • Indicators of Compromise (IOC)
  • Vulnerability scan results

Applications

Data generated by mission-critical applications running on servers, including:

  • Database
  • ERP
  • CRM
  • APIs

You Choose Your Technology Stack

You’ve chosen and deployed the technologies that are right for you. We integrate with market-leading commercial products and open source technologies to ensure we can leverage the rich telemetry and contextual information needed to accelerate and improve the threat detection, investigation, hunting, and remediation process.

The list of vendors and products from which we can ingest telemetry and data is continually expanding and currently includes these:
