Managed SOC Primenet managed cyber security operations center
Primenet's Managed SOC provides security for customers around the world and is the best managed cybersecurity operation service in Israel. Our service goals are:
Professional incident response & investigation services. Improving the organisation's defense posture: we monitor and respond to threats and risks in real time, according to customer activity time.
Features
- SIEM SOC Service: monitoring around the clock for security incidents
- Incident Response: dedicated IR team for sophisticated attacks
- Cyber Threat Intelligence: social media, forums, tailored intelligence including darknet
- MDR (Managed Detection Response): provides advanced hunting and analysis capabilities
- Vulnerability Management Services: scheduling vulnerability scans, analyzing results, remediation
- Automate & Orchestrate Service: designing and building workflows and playbooks
- Red team to test and refine the organization's security posture
Benefits
- Our service fits any regulation or standard
- Our service can manage on-premises existing tech
- The services are technology agnostic: one team to manage all
- Single team with all skills and knowledge
- Framework based on ITIL, CMMI, NIST, ISO27001, Kill Chain, MITRE ATT&CK
- Service can be adjusted to answer customers' needs
Pricing
£6,000 a terabyte a month
- Education pricing available
Framework
G-Cloud 13
Service ID
211235654794375
Contact
PRIMENET LIMITED
Eran Cohen
Telephone: 07977544489
Email: tony@primenetuk.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- If the organization implemented a SIEM or EDR solution the service can be an add-on to manage and respond upon.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- There are no service constraints.
- System requirements
-
- A virtual machine will be required
- The software licences can be procured by the organisation
- The licences can also be provided by Primenet
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response is 24x7x365
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- You would log on via a portal with 2-factor authentication, using any web browser.
- Web chat accessibility testing
- Not as yet
- Onsite support
- Yes, at extra cost
- Support levels
- Primenet's 24/7 service desk puts an experienced team of highly-qualified engineers at your disposal. We have an enviable reputation for providing the kind of support your employees really want. Our service is a true round-the-clock, enterprise-grade managed support service to ensure that the requisite expertise is on hand day or night to act swiftly should the unexpected happen. Response times are based on severity: Critical (10 minutes), Standard (45 minutes), Low (90 minutes). This is subject to having a support contract in place. These response times apply outside of normal business hours (including weekends), subject to a 24/7 support agreement being in place. You will also have an assigned technical account manager who will work with you on current and ongoing requirements. We provide a Managed Service Desk, Unlimited Tickets starting at £25.00 per registered user, per month (not including Remote Network Monitoring). Remote Network Monitoring is added at £3.50 per device / appliance monitored.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- The TSOC service can be fully managed by Primenet, or managed by the end user with assistance from Primenet. Primenet fully supports installation and deployment of their recommended vendor solutions. Primenet can provide training on the service and also provide vendor documentation.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- If the system is procured and implemented on-prem, it can be handed off to the customer with all data / development and content.
- End-of-contract process
- You will be contacted three months from contract end to understand if you would like to renew the contract over the same term. If you decline, your tenant will be closed down on contract end date. Customers can customise the service deliverable: monitored use cases, dashboards, IRPs. Deployment architecture can also be customised per need.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- The client can have access to the services via a web browser.
- Accessibility standards
- None or don’t know
- Description of accessibility
- Via a Browser or via an API
- Accessibility testing
- Not at this time
- API
- Yes
- What users can and can't do using the API
- Users can access the SIEM solution to collect data or perform actions within the system. The SOC service itself will manage and use the technology to collect log data, incident data, etc.
- API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Customers can customise the service deliverable: monitored use cases, dashboards, IRPs. Deployment architecture can also be customised per need.
Scaling
- Independence of resources
- There is no effect on the service
Analytics
- Service usage metrics
- Yes
- Metrics types
-
- KPI, KRI
- Number of incidents
- SLA breached
- Events per second
- Other metrics
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- TrustNet
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- There is no user data to export with the service
- Data export formats
- Other
- Other data export formats
- N/A
- Data import formats
- Other
- Other data import formats
- N/A
Data-in-transit protection
- Data protection between buyer and supplier networks
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
-
- URL filtering
- Mail relay
- Endpoint protection
- DLP
- EDR
Availability and resilience
- Guaranteed availability
- The service resides on the customer premises, so it will meet any availability on their network or within their cloud environment.
- Approach to resilience
- Available on request
- Outage reporting
- There are email alerts sent to the TSOC in the event of a server or technical malfunction.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- TSOC has full auditability and end-to-end encryption.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- British Assessment Bureau Ltd
- ISO/IEC 27001 accreditation date
- 07/10/2021
- What the ISO/IEC 27001 doesn’t cover
- We have Full Certification
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Other security governance standards
Cyber Security Essentials Plus
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Any changes are handled within the maintenance of the service, i.e. patching of the virtual machine or physical updates to the software running on the machine. These are defined and managed processes, and changes are managed within the change window.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Our systems are constantly monitored by our security team. As a company which develops a vulnerability assessment tool, we are well aware of the VA sphere, and we perform internal pen-tests and daily scans on our tool. All threats are flagged in a unified dashboard. All endpoints have AV installed on them. Access to our systems is role based; tools are monitored and scanned regularly. We operate a log for user actions and perform real-time DLP, anti-malware and ransomware scans.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- We respond within hours to potential threats. We look for threats that evaded the security mechanisms, discovering zero-days and hidden threats. We constantly monitor for anomalies in access to files, DNS requests or unusual outbound network traffic, using organizational barriers such as NGFW, EDR, DLP and constant monitoring.
- Incident management type
- Supplier-defined controls
- Incident management approach
- As a security company, we would rather not disclose our internal approach, as we hold rather a lot of sensitive and critical client data.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Tackling economic inequality
-
Tackling economic inequality
Primenet works with multiple vendors and is able to provide our customers with access to the right technology at the right time, providing organisations with a flexible supply chain and enabling them to take advantage of new technology when appropriate without the need for heavy capital investments.
Pricing
- Price
- £6,000 a terabyte a month
- Discount for educational organisations
- Yes
- Free trial available
- No