
UST Global Pvt Ltd

Tailored Threat Intelligence

Continuous collection, research and analysis of intelligence information pertaining to digital assets, environment and resources, to identify threat campaigns, attack indicators, exploitable vulnerabilities and data leakage.

Features

  • Anticipate Threats Targeting Your Business
  • Be Proactive Against Threat
  • Fast identification and notification of emerging threats and exposures
  • Prioritisation and validation of threats by expert analysts
  • Truly actionable threat intelligence
  • Relieve the pressure on your team while maintaining control

Benefits

  • Significantly reduce incident detection & response times
  • Single pane of glass for all Security Operations
  • Automation ensures human analysts are utilised for higher impact tasks
  • Security Orchestration and Response (SOAR) as a service
  • Delivery of cloud-native security monitoring
  • Strong security eco-system to ensure ongoing value & enrichment
  • Underpinned by established security framework (MITRE ATT&CK)
  • Leverage existing SIEM investments (e.g. QRadar, Splunk, etc.)
  • Our analyst teams can become an extension of your resources
  • Complete visibility - you see what's going on continuously

Pricing

£8 to £23 a user

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

111366506020252

Contact

UST Global Pvt Ltd
Patrick Marren
Telephone: 07544102103
Email: ukpublicsectorsales@ust.com

Service scope

Service constraints
N/A.
System requirements
  • Agents or collection software on virtual machines or log aggregators
  • A SIEM tool is required - either new or existing

User support

Email or online ticketing support
Email or online ticketing
Support response times
Customers can raise service requests via email, phone, or a web portal (using Chat or Ticket) 24/7/365, with defined service SLAs to respond based on incident/issue severity.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Customers can raise service requests via email, phone, or a web portal (using Chat or Ticket) 24/7/365, with defined service SLAs to respond based on incident/issue severity.
Web chat accessibility testing
WCAG 2.0 standard testing done.
Onsite support
Yes, at extra cost
Support levels
The service governance model is established during engagement, featuring a Dedicated Customer Success Manager, measurable service maturity via Customer Satisfaction (CSAT) and Net Promoter Score (NPS) scoring, named CyberProof individuals for engagement, clearly defined communication interfaces ensuring proper escalation procedures, bi-weekly program status meetings, regular reporting on program and service status, and a clearly defined RACI matrix.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The CDC service includes a comprehensive onboarding phase to set up and customise the platform to each customer's specific security operations requirements. This includes virtual instructor-led training provided prior to go-live, with ongoing access to documentation for help and FAQs.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
We can provide a JSON extract of all data on the contract end
End-of-contract process
We will assist with service transition or export of data as required at end of the contract - either into the customer's new service provider platform or into a customer owned system.

Using the service

Web browser interface
Yes
Using the web interface
Users can collaborate on the web portal called CyberProof Defense Centre (CDC) using ChatOps, email or phone. There is no limit on the number of users, and role-based access control is defined to specify user access. The CDC provides an interactive single pane of glass for all Security/SOC Operations, meaning customers have continuous and complete visibility of and (where required) involvement in incident detection, response and remediation processes.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The web interface is accessible on various browsers (with accessibility features) to allow assistive technology to interact with the end user machine. The web interface itself does not provide any assistive technology.
Web interface accessibility testing
Standard Guided User Interface (GUI) testing on Microsoft Internet Explorer, Google Chrome and Mozilla Firefox web browsers
API
Yes
What users can and can't do using the API
Users consume service through the web portal called CyberProof Defense Centre (CDC) where incidents, reports and dashboards are available. API is available to Microsoft Power BI for custom dashboards.
API automation tools
Other
Other API automation tools
N/A
API documentation
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
Our service is a single-tenant solution, meaning it is dedicated to the customer it serves. The only shared element of our service is our human security analysts, who act as an extension of our customers' own security team to support incident response and investigation.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft, Google, Splunk, IBM etc

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Digital playbooks
  • Incident workflows
  • Security Alerts
  • Security Incident logs and processes
Backup controls
We continuously back up the entire platform using cloud-native backup services and high availability practices (e.g. meshed networks, redundancy, etc.).
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Microsoft Azure Cloud and Google Cloud SLAs apply for the platform provided as a service. Security service SLAs are defined based on the criticality of the incident and relevant service credits are issued.
Approach to resilience
Microsoft Azure and Google Cloud best practices are used for resiliency setup.
Outage reporting
E-mail alerts

Identity and authentication

User authentication
Identity federation with existing provider (for example Google apps)
Access restrictions in management interfaces and support channels
Role Based Access Control allows the customer to define groups and access requirements to which users can be added.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
Devices users manage the service through
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Intertek Certification Limited
ISO/IEC 27001 accreditation date
Initial certification date – 5 Dec 2017. Latest certification date – 25 Sep 2023
What the ISO/IEC 27001 doesn’t cover
The certification includes application development, application management, infrastructure management services, engineering services, business process, outsourcing services, support functions such as human resources, finance, workplace management, sales & marketing, information services, information security management system, covering on-premises and cloud environments within UST.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • ISO22301
  • SOC1 SOC2 type II

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO/IEC 27001

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We track all service components (SIEM, EDR, etc.) through their lifecycle via a Configuration Management Database (CMDB) and change management system. Changes go through a security review to assess impact and vulnerabilities. Regular vulnerability scans, penetration testing, and patching ensure platform security.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Continuous Scanning: We undergo automated vulnerability scans at regular intervals to identify potential weaknesses.

Threat Intelligence Feeds: We stay updated on emerging threats by subscribing to reliable vulnerability feeds from security vendors.

Prioritized Patching: Identified vulnerabilities are assessed for severity and exploitability. Critical vulnerabilities receive priority patching to minimise risk.

Rapid Response: Our design allows for swift deployment of security patches, minimising the window of exposure.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Potential compromises are categorised using security analytics based on risk and severity and assigned to be either Critical, High, Medium or Low importance and then relevant internal SLAs are applied against them for investigation and response aligned to remediation time-frames within the SLA.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Our Incident Response process is aligned to NIST SP 800-61 Computer Security Incident Handling Guide, and steps are defined in the preparation, detection, identification, analysis, containment, eradication, recovery and post analysis stages of the life-cycle against the MITRE ATT&CK framework.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Yes. Sustainability is a key part of our design philosophy and our efficient new data centers. We prioritize the decarbonization and establishment of circular IT infrastructure, while also focusing on designing and implementing cloud migration and operations. Monitor and report on power and energy consumption, Aisle cooling for data centers, Reduce energy consumption where possible.

Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Tackling economic inequality

UST engages in numerous initiatives for tackling economic inequality. These include:
• Working with local Combined Authorities and training providers to build training courses (focussed on digital skills) for economically disadvantaged citizens.
• People who engage in these courses can then be hired by UST into full-time roles and begin their career in technology.
• UST support closing skills gaps in key technology areas e.g. UST have developed a mobile application to support the development of skills in Artificial Intelligence for 3 key user profiles – those looking to start a career in AI, those looking to move into an AI role, and citizens who are interested in AI.
• UST are keen to support local SMEs and can agree with a buyer as to how many local SMEs will be utilised in an engagement.
• UST invest significant sums into innovation aimed at delivering more productivity at lower cost e.g. we have developed our own Generative AI Testing platform.

Equal opportunity

UST engages in numerous initiatives for promoting equal opportunities. These include:
• Working with TechSheCan to enable greater access for women within the world of tech careers. UST also invested in building the training platform for TechSheCan.
• UST work with numerous partners to support veterans who want to start a career in Tech once they have left the military.
• UST are an equal opportunities employer and do not discriminate on the basis of age, sex, gender, disability, or religion. We can share our policies and process for this to support discussions.
• UST have published a detailed Modern Slavery statement and have processes in place to support this. More details can be found at: https://www.ust.com/content/dam/ust/documents/modern-slavery-statement-2022.pdf
• UST works with local skills development partners to support the development of tech skills amongst numerous societal groups.

Wellbeing

• UST have developed a Digital Inclusion Community App to support the development of essential digital skills amongst digitally excluded people. This enables citizens to be able to use digital services, from both Public and Private organisations, driving a more integrated digital community.

Pricing

Price
£8 to £23 a user
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
POC for 4 weeks
Link to free trial
https://go.cyberproof.com/speak-with-an-expert
