Sentinel’s Security Operations Center (SOC) closely monitors your network and related infrastructure 24x7x365 to help prevent, detect, and eliminate both exterior and interior threats as they emerge.
Our people, our process, and our technology work together in the Sentinel SOC to ensure your organization remains protected at all times.
People
- 24*7*365 Security Analysts and managed services staff
- Multiple Vendor Credentials and Skills
- Triage Sevices available on site or remote 24*7*365
- Sentinel employees at security operations centers in the U.S.
Process
- Mature process for identification, investigation, and response to security alarms
- Visibility and response across tenants globally
- Ongoing directive creation, optimization, and distribution
- Regulatory Compliance- Audited SOC 2, Type II attestation exceeds HIPAA, PCI, and many other requirements with compliance reporting services
Technology
- Cloud delivered with strict availability SLAs and storage-based snapshot protection
- Premise sensors and integration to hundreds of protection technologies
- SecuritySelect® Threat Exchange – automated directives distributed to tenants and subscribers for continuous improvement and intelligence
- Hundreds of available security asset integrations available and maintained with continuous library development for the broadest integration available
When you sign up for SOC services, Sentinel takes an active role in keeping your company safe. That includes 24x7x365 monitoring throughout your entire network, including every user and device, whether it’s a phone, laptop, tablet, or Internet of Things (IoT) object.
Sentinel’s SOC enables your business to build a strong threat protection strategy and architecture based around a comprehensive portfolio of signature, behavioral, and heuristic security technologies. Real-time traffic feeds combined with world-class threat intelligence from our CloudSelectTM Threat Exchange (CTX), Security Information and Event Management (SIEM), and regular assessments allow us to send notifications and issue a service ticket the moment an alarm is triggered. From there, Sentinel’s security analysts are available to assist with the identification, investigation, and guided remediation of the threat. On demand triage services are also available in a remote or on-site capacity.
Prevent
- Advisory services for threat prevention strategy and architecture
- Complete portfolio of signature, behavior, and heuristic protection technology
- Triage Sevices available on site or remote 24*7*365
- Zero day automated threat response services
Detect
- Real-time traffic feeds blend with world-class threat intelligence
- Regular scheduled and on demand assessment capabilities
- Log aggregation, correlation, and ratings
- Real-time dashboard, historic reporting, compliance services
Respond
- Aggregate, correlate, and rate alarms and risk for response
- Automated and manual ticketing with multiple status levels
- Security analysts assist with identification, investigation, and remediation
- Triage services available for remote and on site incident remediation
Sentinel’s Managed Detection and Response (MDR) services add advanced and cost-effective protection to your organization’s security operations capabilities via 24x7x365 threat monitoring, analytics, and remediation.
Maintaining your own internal security team capable of handling the challenges associated with keeping your network, data, and users safe takes an exceptional amount of time, money, and effort. Sentinel’s MDR services provide your organization with an easy and inexpensive alternative approach to hunting and containing threats quickly, with expertise and features designed to enhance your overall security posture. It functions as a supplemental line of defense, intended to fill in gaps or immaturities within your security infrastructure as well as go beyond traditional SOC monitoring to include incident management and remediation services using our pool of security experts and engineers.
Sentinel's MDR services primarily focus on rapid threat detection and validation; to disrupt attacks that have evaded firewalls and other perimeter security measures. Our SOC team of experts monitor your environment 24x7x365 and use data provided by your existing security tools integrated with our own unique blend of security technologies to proactively analyze and investigate suspicious activities. If a legitimate threat is discovered, Sentinel's MDR analysts will immediately send alerts and begin incident management processes.
- Identify – Review indicators of compromise (IOC) from the MDR service
- Investigate – Check alarms and further explore potential compromises
- Notify – Send email and phone notifications for confirmed compromises
- Remediate – Manage white list and black list incidents, and provide guidance to customer remediation response teams when applicable