Managed Security Services - SOC
Protect User, Apps and Data
Identity & Access Management
It all starts with identity, which must be consistent and propagated across all environments: on-premises, hosted or cloud. We support our clients in developing a unified identity and access control strategy for all their essential resources.
Cloud & Infrastructure Hardening
To minimize the attack surface, it is important to harden infrastructure and cloud resource configurations. Our services include security hardening of the managed infrastructure.
For more information on this service, see this page.
Managed Email Protection
Email is today the vector of choice for malware and ransomware. The first step we take with our customers is to secure their email channels and eliminate the threat by protecting this channel with advanced technologies.
Managed WAF - Web Application Firewall
Phishing attacks frequently target vulnerable websites in order to plant pages which will be used in attack scenarios. We help clients secure their websites against intruders.
Moreover, clients who run critical applications or e-commerce on mobile or the web use our service to secure their platforms.
Managed Firewall and SD-WAN
We also provide a managed security framework by teaming up with Arista Edge Threat Management (previously Untangle) to provide a managed firewall and managed SD-WAN.
THREAT DETECTION, RESPONSE & RECOVERY
Our Security Operations Center (SOC) implements detection and response services based on the NIST (National Institute of Standards and Technology) methodology. This is our SOCaaS (SOC as a service) or managed SOC service.
The services provided by our SOC are:
- Risk analysis;
- Protection of systems and maintenance in optimized condition;
- Incident detection;
- Attack Isolation;
- Response to incidents remotely or on site;
- Recovery of the initial configuration;
- Securing and hardening of the installation.
Windows, Mac and Linux platforms are supported and pricing is per device per month.
THREAT DETECTION - MDR
Managed SOC: Managed Endpoint Detection & Response (MDR)
We are a managed security services provider and we use Bitdefender EDR and XDR solutions to secure workstations, servers and Cloud environments. This service is provided as part of our managed SOC and includes the Bitdefender service and software suite.
We monitor the security of cloud, servers and on-premises endpoints by detecting threats and reacting to them immediately.
Our services consist of identifying risks, securing endpoints, detecting threats and remediating them either remotely or at the customer’s site.
Managed SOC: Managed SIEM
From our SOC we leverage the power of our analysis and threat detection software to monitor our customers’ resources 24x7x365.
Additionally, we use advanced techniques such as User and Entity Behavior Analytics (UEBA) to categorize and remediate user risk.
Within our managed SOC service (SOCaaS), the Managed SIEM service is optionally integrated with the Managed Detection & Response and Vulnerability Management service.
Continuous vulnerability detection and risk assessment of our customers’ critical assets helps us prevent attacks and keep them secure.
In addition, this vulnerability management is integrated with our Managed SIEM service in order to better control the scope of potential threats.
Security Operations Center - Managed SOC FAQ
Computer security is a multi-step process.
To prevent ransomware, the most important thing is to implement a next-generation security agent (EDR – Endpoint Detection & Response, XDR – Extended Detection & Response) on workstations and servers, capable of detecting malicious behavior. But it is above all essential to combine this technique with a detection and response service (MDR, Managed Detection & Response) consisting of experts capable of responding to incidents and countering all types of attacks.
Microsoft 365 filters aren’t 100% effective.
Even Microsoft Defender for Microsoft 365 misses a fair number of threats. It is recommended to supplement Microsoft 365 security with an additional email security service.
This service will make it possible to detect and prevent attacks such as ransomware, identity theft (impersonation) or cyber fraud.
Once a web or mobile application is published, everyone has access to it.
However, the risks are numerous: they can come from the programming platform, the servers or the quality of the code. A Web Application Firewall (WAF) will intercept all requests intended for the application and inspect them to filter out malicious requests.
In addition, a Web Application Firewall (WAF) will also allow us to apply effective and fast rules to pages based on different criteria such as user geolocation.
Cloudflare is a recommended solution because it couples security with the CDN (Content Delivery Network) which will speed up service to users and relieve congestion on the application’s servers.
A Managed Security Operations Center (SOC) is also called SOCaaS: Security Operations Center as a Service.
This service makes it possible to engage a team of security specialists, like that of Exeo, to monitor, detect incidents and respond to them effectively by stopping cyber attacks.
The Managed SOC (SOCaaS) therefore consists of a combination of technology, processes and expertise engaged for a defined objective, the scope of which is defined per device or per protected user.
The client therefore avoids building this capability and obtains it as a managed service.
The following services are usually part of the Managed SOC:
- Identifying managed assets and managing their risks;
- Strengthening the security of workstations and servers by detecting and stopping attacks through Managed Detection & Response (EDR / MDR);
- Vulnerability Management: continuous monitoring of the fleet and the level of vulnerability of software and configurations;
- Web and dark web tracking to monitor activities relating to the managed fleet;
- Detection and response to security incidents through advanced analysis and monitoring of infrastructure and users using technologies such as SIEM (Security Information and Event Management) or UEBA (User and Entity Behavior Analytics).
The SOC is made up of cybersecurity specialists trained in incident detection and response.
Three types of specialists are part of a SOC:
- Analysts will triage events and escalate potential incidents that require advanced investigation;
- The specialists examine the identified incidents and initiate the response process;
- The experts will intervene on advanced incidents and perform cyber forensics when necessary.
The engineers of the Exeo managed SOC are located in Paris – France, Beirut – Lebanon and Dubai – UAE.
What can EXEO do for your business?
We believe that digitisation is not an end in itself, but a means to a more productive and efficient business operation that supports every organisation’s objectives.