cybersecurity

Managed Security Services - SOC

Protect User, Apps and Data

IDENTITY

Identity & Access Management

It all starts with identity, which must be harmonized and propagated to all environments: on-premises, hosted or cloud. We support our clients in the development of a unified access control strategy for all their essential resources.

PROTECT

Cloud & Infrastructure Hardening

To minimize the attack surface, it is important to harden infrastructure and cloud resource configurations. Our services include security hardening of the managed infrastructure.


PROTECT

Managed Email Protection

Email is today the vector of choice for malware and ransomware. The first step we take with our customers is to secure their email channels and eliminate the threat by protecting this channel with advanced technologies.


PROTECT

Managed WAF - Web Application Firewall

Phishing attacks frequently target vulnerable websites in order to plant pages which will be used in attack scenarios. We help clients secure their websites against intruders.

Moreover, clients who run critical applications or e-commerce on mobile or the web use our service to secure their platforms.

PROTECT

Managed Firewall and SD-WAN

We also provide a managed security framework by teaming up with Arista Edge Threat Management (previously Untangle) to provide a managed firewall and managed SD-WAN.


THREAT DETECTION, RESPONSE & RECOVERY

MANAGED SOC

Our Security Operations Center (SOC) implements detection and response services based on the NIST (National Institute of Standards and Technology) methodology. This is our SOCaaS (SOC as a service) or managed SOC service.

The services provided by our SOC are:

  • Risk analysis;
  • Protection of systems and maintenance in optimized condition;
  • Incident detection;
  • Attack isolation;
  • Response to incidents remotely or on site;
  • Recovery of the initial configuration;
  • Securing and hardening of the installation.

Windows, Mac and Linux platforms are supported and pricing is per device per month.


THREAT DETECTION - MDR

Managed SOC: Managed Endpoint Detection & Response (MDR)

We are a managed security services provider and we use Bitdefender EDR and XDR solutions to secure workstations, servers and Cloud environments. This service is provided as part of our managed SOC and includes the Bitdefender service and software suite.

We monitor the security of cloud, servers and on-premises endpoints by detecting threats and reacting to them immediately.

Our services consist of identifying risks, securing endpoints, detecting threats and remediating them, either by remote access or by traveling to the customer’s site.

THREAT DETECTION

Managed SOC: Managed SIEM

From our SOC we leverage the power of our analysis and threat detection software to monitor our customers’ resources 24x7x365.

Additionally, we use advanced techniques such as User and Entity Behavior Analytics (UEBA) to categorize and remediate user risk.

Within our managed SOC service (SOCaaS), the Managed SIEM service is optionally integrated with the Managed Detection & Response and Vulnerability Management service.


THREAT DETECTION

Vulnerability Management

Continuous vulnerability detection and risk assessment of our customers’ critical assets helps us prevent attacks and keep them secure.

In addition, this vulnerability management is integrated with our Managed SIEM service in order to better control the scope of potential threats.

Security Operations Center - Managed SOC FAQ

Computer security is a multi-step process.
To prevent ransomware, the most important thing is to implement a next-generation security agent (EDR – Endpoint Detection & Response, XDR – Extended Detection & Response) on workstations and servers, capable of detecting malicious behavior. But it is above all essential to combine this technique with a detection and response service (MDR, Managed Detection & Response) consisting of experts capable of responding to incidents and countering all types of attacks.

Microsoft 365 filters aren’t 100% effective.

Even Microsoft Defender for Microsoft 365 misses a fair number of threats. It is recommended to supplement Microsoft 365 security with an additional email security service.

This service will make it possible to detect and prevent attacks such as ransomware, identity theft (impersonation) or cyber fraud.

Once a web or mobile application is published, everyone has access to it.
However, the risks are numerous: they can come from the programming platform, the servers or the quality of the code. A Web Application Firewall (WAF) will intercept all requests intended for the application and inspect them to filter out malicious requests.
In addition, a Web Application Firewall (WAF) will also allow us to apply effective and fast rules to pages based on different criteria such as user geolocation.
Cloudflare is a recommended solution because it couples security with the CDN (Content Delivery Network) which will speed up service to users and relieve congestion on the application’s servers.

A Managed Security Operations Center (SOC) is also called SOCaaS (Security Operations Center as a Service, or SOC as a service).
This service makes it possible to recruit a team of security specialists, like that of Exeo, to monitor, detect and respond to incidents effectively by stopping cyber attacks.
The Managed SOC (SOCaaS) therefore consists of a combination of technology, processes and expertise recruited for a defined objective, the scope of which is defined by position or by protected user.

The client therefore avoids building this capability and recruits it in a managed way.

The following services are usually part of the Managed SOC:

  • Identifying managed assets and managing their risks;
  • Strengthening the security of workstations and servers by detecting and stopping attacks through Managed Detection & Response (EDR / MDR);
  • Vulnerability Management: continuous monitoring of the fleet and the level of vulnerability of software and configurations;
  • Web and dark web tracking to monitor activities relating to the managed fleet;
  • Detection and response to security incidents through advanced analysis and monitoring of infrastructure and users using technologies such as SIEM (Security Information and Event Management) or UEBA (User and Entity Behavior Analytics).

The SOC is made up of cybersecurity specialists trained in incident detection and response.

Three types of specialists are part of a SOC:

  • Analysts will triage events and escalate potential incidents that require advanced investigation;
  • The specialists examine the identified incidents and initiate the response process;
  • The experts will intervene on advanced incidents and perform cyber forensics when necessary.

The engineers of the Exeo managed SOC are located in Paris – France, Beirut – Lebanon and Dubai – UAE.


What can EXEO do for your business?

We believe that digitisation is not an end in itself, but a means to get to a more productive and efficient business operation that supports every organisation’s objectives.


Re-Architect

This methodology requires the most effort to implement, but it results in the most optimised recurring cost and provides the best scalability for apps. It involves re-adapting the code of applications and making heavy use of SaaS solutions to replace existing hosted applications.

Re-Platform

This method utilizes the power of PaaS services, such as transferring a database to an as-a-service model, using containers for some apps or using network/security functions as a service. Greater scalability and lower cost of operation are achieved.

Re-Host (Lift & Shift)

The migration of workloads from  to the cloud without changing the architecture. Machines get to keep their OS and apps. This is the quickest and easiest way to migrate, but since it utilises IaaS, it is also the most expensive in the long term.