Grove Information Systems

Grove Managed SOC Services - MDR/XDR/M-EDR/M-NDR

Grove's SOC Services provide Security monitoring, detection, and response, which is an essential countermeasure in all cybersecurity frameworks (NIST, CIS, etc) which has shown time and again in real-life incidents to be one of the most effective controls of loss in the war against cyber crime.

Features

• High customisation of SOC Services to customer environment
• Dedicated threat research team keeping up with changing threat landscape
• Fast deployment with minimal, if any, customer CAPEX
• Take logs and cross-correlate across multiple tools and vectors
• Use of SOAR to streamline SOC operations
• Incident Response tightly integrated with customer IT processes
• 24/7 monitoring of customer environments in real-time
• ISO9001 and ISO27001 certifications

Benefits

• Cost-effective pricing
• 24/7 responses from SOC team
• Ingests data from multiple sources to be best informed
• Much faster prevention or limiting of business loss
• Visibility prevention and deterrents with privileged and sensitive access
• Regulatory or industry compliance
• Multiple quality threat intelligence feeds
• Includes all required data source and SIEM tuning services

£1 a device

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pwitheridge@groveis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

189107642683195

Contact

Philip Witheridge
+44 207 493 6741
pwitheridge@groveis.com

Planning

• Planning service: Yes
• How the planning service works: Level 1 incident response services provide our customers with a containment plan for each incident: a recipe of recommended actions required to limit the business damage and spread of the current incident. This plan is tailored to the capabilities and environment of the customer, and the implementation/coordination of activities in the containment plan is up to the customer organisation.; ; Level 2 incident response services provide our customers with all services of Level 1 IR, with the addition of a remediation for each incident. A remediation plan includes a sequence of recommended actions required to reverse the technical damage of the incident, to repair affected assets, and to prevent the same incident from occurring in the future. These services can be provided remotely (phone, videoconference, IM, etc.) or on the customer site.; ; The remediation plan and execution is tailored to the capabilities and environment of the customer, and the implementation/coordination of activities in the remediation plan is up to the customer organisation. Subscription to this level of service guarantees organisations fast access to an on-duty incident responder. As incidents can vary greatly in complexity, all remediation activities are billed on a time-and-materials (T&M) basis.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: The Grove SOC is run by a team of highly skilled cybersecurity experts, trained and experienced in the fields of data analysis and management, incident identification and triage, incident response, forensics, security engineering, penetration testing, red-blue teaming, and security training. Our SOC was created from a pool and our history of penetration testing expertise, providing the best foundation for a threat centric SOC, coupled with industry best practices and process excellence.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Customer digital environments are extremely diverse and complex, and as such, require thorough analysis and sound architectural integration with Grove SOC services. Because of this challenge, the Grove SOC customer on-boarding process includes several analysis steps to prepare for successful integration, as well as a post-integration period of Grove SOC technology and process optimization, and integration of Grove SOC and customer processes – for example, incident response playbooks, and incident response handover.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: After the technology platform integration phase, the Grove SOC capability moves into the “soft start” phase, where the Grove SOC service is already able to detect basic incidents and reduce risk to the customer environment. After this phase, the Grove SOC focuses on optimizing the detection and response platform to increase detection capability and accuracy to the optimal level for the customer environment. ; ; After the soft start phase, the Grove SOC team performs two basic functions: as there is already relevant (if noisy and unrefined) data flowing from the customer system, the Grove SOC analysis already provide basic detection and response services on a best-effort basis. On the other hand, the Grove SOC team begins the optimization process, designed to increase the accuracy, efficiency, and coverage of the SOCaaS service.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Penetration Testing
  • Vulnerability Management
  • Threat Hunting
  • Honeypots
  • Code Review
  • Threat Intelligence
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications:
  • CISSP
  • CISM

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: All services capable of producing logs are ingested into the SIEM and monitored.

Service scope

• Service constraints: Our services are explained in the Service Definition, Pricing, and Terms & Conditions documents.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email or online ticketing support; ; Yes; Support response times; ; We operate in a non-stop, global business environment —24 hours a day, 365 days a year—offering a range of specially tailored support packages. Grove’s Premier Support options include dedicated technical success managers, priority responses, customised escalations, weekly and monthly reports as well as clear service level agreement (SLA) guidelines.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: P1 - Critical business impact or critical loss of service - The issue must be logged via telephone A resolution of a next-steps action plan will be relayed within four hours for all support cases received from customers during each annual support period. P2 - Major or partial loss of service, where a work-around does not exist - Issue must be logged via telephone or the support portal A resolution or an initial next-steps action plan will be relayed within five hours, provided the customer provides all requested information in a timely manner. P3 - Questions, how-to queries or minor service impact - The issue must be logged via telephone or the support portal - A resolution plan will be relayed within eight hours, provided the customer provides all requested information in a timely manner. P4 - Documentation and enhancement requests - Issue must be logged via telephone or the support portal A resolution plan will be relayed within 24 hours, provided the customer provides all requested information in a timely* manner.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 17/04/2021
• What the ISO/IEC 27001 doesn’t cover: The whole organisation and all services are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  The solutions and services we offer to G Cloud procurement organisations typically require new skill sets for which we provide employment and follow on mentorship training and growth opportunities.

Pricing

• Price: £1 a device
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pwitheridge@groveis.com. Tell them what format you need. It will help if you say what assistive technology you use.