CDW Limited

CDW Reliance Cyber Sentinel Managed Extended Detection and Response (XDR) Threat Detection Service

Our Microsoft Sentinel XDR service detects and mitigates cyber risks using proactive intervention and automated response tactics. Our CREST registered SOC uses security cleared cyber analysts to proactively mitigate and respond to threats. Tooling includes Microsoft Sentinel SIEM, Google Security Operations SOAR, EDR solution, MDR and Global Threat Intelligence.

Features

• Automated threat response using Google Security Orchestration, Automation and Response
• Analyse threat data with Google Security Information and Event Management
• Endpoint Detection and Response (EDR), endpoint monitoring and endpoint containment
• Private Threat Intelligence with 24x7 threat monitoring and proactive remediation
• Managed Detect and Response (MDR) or Extended Detection Response (XDR)
• ISO 27001 certified, dedicated 24x7x365 UK-based security operations centre (SOC)
• In-house Threat Intelligence analysis delivers content-driven operational reports
• SOAR automated response actions actively ensures 24x7 critical system availability
• Advanced threat hunting by in-house experts across the cyber kill-chain
• Tailored MITRE ATT&CK threat modelling workshops continually increasing security posture

Benefits

• Reduced security cost, increased security coverage and advanced security monitoring
• Strengthened security posture with decreased MTTR and reduced MTTD
• Extended threat visibility and defence coverage with increased operational support
• Continuous security improvement with in-house use cases and custom playbooks
• Integrated Threat Intelligence for improved threat response capabilities
• Scalable service offering with fixed pricing model, supporting organisational needs
• Flexible and adaptable to emerging threats and increased threat landscape
• Upskill internal knowledge with access to accredited cyber professionals
• Augments inhouse IT and reduces cyber risk through risk prioritisation
• ISO 27001, Cyber Essentials Plus, NCSC, GDPR, PCI DSS compliant

£4 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@uk.cdw.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

324353059287743

Contact

Andy Wood
0161 837 7744
tenders@uk.cdw.com

Planning

• Planning service: Yes
• How the planning service works: "We develop the XDR service in alignment with the customer’s specific goals and security requirements. As a technology-agnostic supplier, we utilise a mixture of technologies alongside our SIEM and SOAR solutions to ensure the customer receives a security service built around their existing infrastructure. Our professional services team will help to design and plan the security solution, before following a detailed project plan to integrate alongside the customers infrastructure.; ; Technical Discovery ; We conduct introductory workshops with a project manager, senior engineers and analysts to identify the business critical endpoints within the environment. These sessions focus on current security posture, security pain points, cultural and business context required to provide maximum ROI.; ; Threat Modelling; This provides a holistic overview of the environment and the key risks and controls involved with the relevant log sources. From this, our engineers will validate their understanding of the environment, constructing targeted playbooks and use cases to the environment. Initially these sessions will contribute to the architectural design of the security solution, but ongoing threat modelling sessions throughout support lifetime will support the ongoing development of security rulings and use cases."
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Google Security Operations SOAR
  • Microsoft Sentinel SIEM

Training

• Training service provided: Yes
• How the training service works: "We provide specific training aligned to the security solution developed for the customer as part of the onboarding and overall service support. This training will upskill customer resources on how to interact, manage, review and respond to the output from the security solution. These can be whole overviews of the service or specific tailored sessions around individual tooling that is most relevant to the customers day to day working requirements. Access will be given to vendor training materials during the onboarding of the process, ensuring that the customer is ready to use the security system to its full capability once fully onboarded.; Alongside this, we provide an expert escalation point for security concerns or questions.; All training costs are included within the onboarding and ongoing costs of the service. Training is typically conducted remotely, focusing on upskilling internal IT teams who are managing the internal security tools for the customer. "
• Training is tied to specific services: Yes
• Services the training service works with:
  • Extended Detection and Response (XDR)
  • Google Security Operations SIEM
  • Google Security Operations SOAR

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: "The XDR service is fully integrated with monitoring cloud solutions, across a wide range of cloud platforms and architectures.; The service is tailored to the customers environment, providing flexibility and scalability both during the design process, and later as the customer continues to grow their business needs. Initially, our professional services team will work with the customer during workshops to test and validate their understanding of business critical and non-critical data sources. Using this information, we migrate the customers current system into our 24x7 monitoring solution, building rules and custom playbooks to accommodate the infrastructure specific needs. ; We also implement a number of foundational security measures, including pre-built rules and use cases, that we have developed over a number of years. These rules are applied across our customer base for common threats that pose a risk to environments across the cloud.; We have the expertise and experience to support migration of cloud environments, hybrid environments or on-premises equipment that is required to move to the cloud. Our detailed onboarding process accommodates the full range of situations and will be tailored to the scope of the environment."
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • AWS
  • Azure
  • Google Cloud Platform
  • Microsoft 365

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Threat Detection/Hunting
  • Threat Intelligence
  • Vulnerability Management
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by your organisation
• How the support service works: "Our Security Operations Centre (SOC) provides ongoing support 24x7. This can be in the form of notifying that an incident has been resolved, making proactive changes to protect against an emerging threat or providing side by side support through a critical incident. Whatever the need, our analysts will be available any time of day to remediate any issues you encounter.; As a cloud-based solution, XDR’s support is solely remote, as there are no physical elements required to conduct the service."

Service scope

• Service constraints: "As a cloud based support solution, XDR does not require a physical support presence and is solely remote focused.; Onboarding of the service is based on normal UK business hours of 09:00 - 17:30."

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our SOC functions 24x7x365, responding across our customer base. Standard response times are based on SLAs finalised based on pre-defined threat impact priority levels. Standard SLA/response times are: ; P1 (Critical) –Notification to customer within 30 minutes – Update from Reliance Cyber within 1 hour.; P2 (High) –Notification to customer within 60 minutes – Update from Reliance Cyber within 2 hours.; P3 (Medium) –Notification to customer within 4 hours – Update from Reliance Cyber within 4 hours.; P4 (Low) –Notification to customer within 12 hours – Update from Reliance Cyber within 12 hours.; General Service Requests – < 2 business days.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: "XDR technical support is provided 24x7x365 by our technical analysts. They will monitor all alerts, remediating and containing these threats and notifying the customer based on the threat level in line with the agreed SLAs. A senior technical analyst will also be assigned to the customer’s account to provide ongoing support and answers to any technical questions the customer may have. A customer success manager and account manager will also be assigned to the customer, to support the ongoing success of the support and general account management. ; All costs for support are included within the ongoing service cost of the support."

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Reliance Cyber

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 14/09/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  "As a SME business, our direct Green House Gas (GHG) emissions are relatively small, however, we are always looking to streamline our business to ensure energy efficiency. Although we are not required to have a Carbon Reduction Plan, we have a current target of reducing GHG emissions by 15% by 2025. So far, the steps we have taken have reduced our GHG emission output by an average of 39% when comparing our 2022 figures to the current 2023 figures. These steps include:; ; - Hybrid working and remote SOC – We transitioned our employees to hybrid working, as well as our SOC to completely remote. This allows us to improve the spectrum of employees that we hire, whilst limiting the GHG emissions typically taken due to travel into the office.; - Building energy efficiency – With the transition to a more remote way of working, we used this opportunity to move to a more energy efficient office space. This includes the installation of LED lights across our office, movement activated lighting and a controlled HVAC system.; - Encouragement of public transport – We have invested heavily in encouraging our staff to make use of public transportation. As well as allocating a fund to each hybrid worker to use towards public transport, we provide bike storage and showers in the building."

  Covid-19 recovery

  "Ensuring the health and wellbeing of our employees remains a paramount priority for us as an employer. To uphold their safety, we maintain the following initiatives:; - We adhere strictly to Government guidelines for Covid-19.; - Embracing flexibility, we support full remote work and hybrid arrangements for most roles. Recognising the significance of regular interpersonal interactions, we've established a fund to cover transportation expenses for hybrid workers commuting to the office, alleviating any financial burden.; - We actively solicit feedback from our staff through polls, seeking valuable insights on office operations, preferred meeting structures and overall comfort levels with our organizational practices.; - With heightened awareness of mental health challenges associated with prolonged remote work, our trained Mental Health First Aiders provide practical support. Additionally, our Staff Forum fosters team cohesion through various activities such as social gatherings, quizzes and challenges, facilitating connections among teams.; - Our Staff Forum also coordinates charity competitions aimed at supporting local charitable causes. In response to employee input, all funds raised over the next 12 months will be directed towards St Luke’s Cancer Centre at the Royal Surrey Hospital, underscoring our commitment to community support."

  Tackling economic inequality

  "We believe in addressing economic inequality from its roots, actively engaging with various events and schools to inspire individuals and pave the way for their entry into the industry. Partnering with initiatives like the NCSC CyberFirst apprenticeship program, we are committed to supporting apprentices as they embark on their cybersecurity journey. Recognising the challenge of limited entry-level opportunities in the cybersecurity field, we strive to nurture talent and facilitate career advancement.; Separate engagement days are held for young women and school-aged girls to ensure we give all equal opportunity to gain insight into this industry and explore possible career paths. Our senior leadership team actively participates in women in technology events, championing the invaluable contributions of women in our field.; Our hybrid/remote working model serves as another avenue for promoting careers by enabling us to attract top talent from diverse backgrounds. This inclusive approach ensures individuals from economically disadvantaged areas are given equal opportunities to pursue fulfilling careers.; In our commitment to tackling inequality, we provide all employees with a training budget to support their professional development, empowering them to progress in both current and future roles. This budget roughly amounts to about 1% of our annual turnover per year, highlighting the criticality of keeping our staff up to date on the latest certifications. Complementing this initiative is our mentorship program, where employees have the opportunity to choose a senior leader as their mentor. This personalised support system allows employees to receive guidance tailored to their career aspirations, fostering their growth and advancement within the organisation.; We also ensure to pay all employees in line with the Real Living Wage, with current plans to get certified within the next 12 months."

  Equal opportunity

  "As an equal opportunity employer, we encourage and promote equal opportunities across our organisation. Our dedication to equality begins with our hiring practices, which have been broadened by transitioning to a hybrid/remote work model. This expansion allows us to recruit talent from diverse backgrounds across the UK, enhancing both our workforce's expertise and its diversity.; Alongside this, our senior leadership team actively participates in women in technology events, championing the invaluable contributions of women in our field. These engagements not only celebrate existing achievements but also inspire future generations by providing young women and girls with firsthand insights into cybersecurity careers. We maintain our support for women and girls in STEM through partnerships with organisations like the National Cyber Security Centre (NCSC).; In-house, our mentorship program further promotes equality by offering all employees access to guidance and support from senior leaders. This initiative aims to nurture talent and facilitate career progression within our organisation, while empowering individuals to pursue their professional and personal goals.; We work with several partners, including the NCSC CyberFirst apprenticeship programme, to support apprentices into the industry. Cyber security suffers from a lack of available, skilled practitioners and we are keen to bring new talent into our industry. CyberFirst is designed to identify and nurture a diverse range of talented young people into a cyber security career. CyberFirst activities are intended to inspire and encourage students from all backgrounds to consider a career in cyber security."

  Wellbeing

  "To foster a people-focused working environment, prioritising the wellbeing of our employees remains paramount.; As part of our commitment, all employees are provided with comprehensive private medical health cover upon employment. This encompasses a range of services accessible 24/7 through our mobile app, including health checks, screening and access to Virgin Active memberships. Additionally, mindfulness, wellbeing and relaxation courses are readily available to support our employees' mental and physical health needs.; Recognising the importance of mental health support, we have invested in training for three dedicated Mental Health First Aiders. These individuals play a pivotal role in providing immediate assistance within the workplace and offer valuable feedback to HR on potential areas of improvement across the organisation. Their presence is promoted digitally and physically within our office break-out areas.; To further promote wellbeing and inclusion, a dedicated team of employees forms our Staff Forum. Meeting bi-weekly, they organise various initiatives such as competitions, charity events and awareness days. These events aim to unite the company and raise awareness on diverse topics, including Women in Technology and Men's Health Awareness Month. Recently, the Staff Forum organised charity competitions that fostered team building among employees whilst supporting our charity partner The Fountain Centre, an independent charity located within St Luke’s Cancer Centre at the Royal Surrey Hospital.; Committed to the professional growth of every team member, we provide opportunities to address skill gaps and enhance qualifications. At the start of each financial year, employees are allocated a training budget to refresh and improve their certifications. Our goal is not only to bolster their expertise in their current roles but also to serve as a foundation for career advancement, supporting employees in their individual career aspirations."

Pricing

• Price: £4 a unit a month
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@uk.cdw.com. Tell them what format you need. It will help if you say what assistive technology you use.