SEP2 LIMITED

SEP2.security Endpoint Detection & Response (EDR)

SEP2.security EDR is a managed Endpoint Detection & Response service powered by the Crowdstrike Falcon suite.
Delivered by our "eyes on" 24/7/365 SOC team based in Leeds, West Yorkshire, SEP2.security EDR provides the technology and service to deliver the best Endpoint security.

Features

• Powered by Crowdstrike Falcon
• NextGen Anti-Virus & Machine Learning
• Delivered as-a-Service by SEP2 SOC
• "Eyes-on" 24/7/365 SOC based in UK

Benefits

• Best in class Endpoint Protection
• Protects against endpoint threats
• Delivered as a Service
• Customised reporting available
• Integrates into SEP2.security MDR to form XDR

£70 a licence a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@sep2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

376747656627806

Contact

sep2 sales team
03300437372
sales@sep2.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Crowdstrike Falcon supports deployment onto Windows, Mac and Linux environments
• System requirements: Connectivity to the internet from the agent

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Sep2 support provides 24x7x365 support for all priority incidents, with a response time of 30 minutes for Priority 1. Priority 2 incidents are responded to within 1 working hour. Priority 3 incidents are responded to within 4 working hours. Priority 4 incidents are responded to within 12 working hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All sep2 customers have an aligned account manager who manages all aspects of the customer relationship. sep2 support is priced depending on the number of licenses included.; At an additional cost, a technical account manager can be aligned to a customer where additional technical resources are required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once purchased, an email address must be provided for the engagement to be initiated. ; Once scope is agreed, a SEP2 representative shall lead an instance creation and setup basic features and authentication. Additionally, a resource shall be made available to assist with deployment of the sensors
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: SEP2 can facilitate the export of configuration data such as rules as part of the end of contract process
• End-of-contract process: SEP2.security EDR is a subscription service and so if the service is not extended then the service will stop.

Using the service

• Web browser interface: Yes
• Supported browsers: Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: CrowdStrike Falcon is managed through an HTTPS Web Interface. Security Administrators and Auditors can log in to the console to affect change in the security settings, monitor security detections, threat hunt etc.; Access to the console uses role-based administration with 2FA access.
• Accessibility standards: None or don’t know
• Description of accessibility: The service is accessible via a URL that is provided, an account is created after purchase which will have the licensed features attached.
• Accessibility testing: None.
• API: Yes
• What users can and can't do using the API: CrowdStrike Falcon Platform supports multiple API capabilities depending on the licences procured. These cover a wide range of capabilities but common uses are to :; Manage the roles and access of administrator accounts; Administer group membership of computers
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: End users can customise dashboards and create/edit prevention rules.

Scaling

• Independence of resources: SEP2.security is based on the Crowdstrike Falcon product which is cloud native ensuring automatic scaling in order to provide the resource scaling as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: Dashboards on endpoint protection status are provided by default
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: SEP2.security EDR allows for exporting of data such as detection rules and associated configuration.
• Data export formats: Other
• Other data export formats: JSON
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: From Crowdstrike: The SLA around Falcon Platform is 99.9% uptime. We leverage the Amazon cloud and have built the CrowdStrike platform to be fully cloud based from its inception. This means resiliency, redundancy, and high availability are the core facets of the solution. Our SLA's and services are tracked internally, and disruptions are disclosed to the customer along with details of resolutions.
• Approach to resilience: The SLA around Falcon Platform is 99.9% uptime. We leverage the Amazon cloud and have built the CrowdStrike platform to be fully cloud based from its inception. This means resiliency, redundancy, and high availability are the core facets of the solution. Our SLA's and services are tracked internally, and disruptions are disclosed to the customer along with details of resolutions.
• Outage reporting: We provide notification of issues or outages via Tech Alerts, both in our support portal or via email.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Access to the Falcon Console is provided only through an Administrator account being created and then successful authentication via 2FA (QR code or integration with Ping / Okta / ADFS / AzureAD).
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 21/10/2020
• What the ISO/IEC 27001 doesn’t cover: None - all aspects of our service are covered by our ISO 27001 ISMS
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: SEP2 are ISO27001 accredited for "The provision of cyber security services including security assessment, consultation and security management as per statement of applicability version 0.2"

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Preventative and corrective maintenance of the data center equipment is scheduled through a standard change process according to documented procedures.; ; Release notes are regularly updated that track changes to the service.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This aligns to a recognized standard
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Undisclosed - can be provided under NDA
• Incident management type: Supplier-defined controls
• Incident management approach: Undisclosed - can be provided under NDA

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  SEP2 have a published Carbon Reduction Plan, available at https://www.sep2.co.uk/carbon-reduction-plan/. As per the information within that plan, SEP2 are committed to achieving Net Zero by 2035. SEP2 already have a number of initiatives in place to help manage our carbon footprint, including: • During 2020, SEP2 fleet vehicles were changed to be 100% Batter Eclectic Vehicles (BEV), and any and all additions to the SEP2 fleet will continue to be full 100% BEV. • SEP2 are a member of Cycle2Work scheme and encourage employees to reduce their emissions through cycling to work. • SEP2 provide re-usable bottles and cups for all employees and do not allow single use paper or plastic cups in the offices. • Hybrid home working is common across SEP2 to reduce commute emissions and direct Scope 2 GHG emissions. Future considerations in support of our plans to be Net Zero by 2035, the following future initiatives are being discussed within the SEP2 Senior Leadership Team • Electric car salary sacrifice scheme for employees who do not have a fleet vehicle • Projects to increase management of Scope 2 emissions through use of PIR/non-occupancy timers and other such technology within our office space • Review of company travel policy to better understand carbon emissions within Scope 3 that can be managed in this way • Review of our Scope 3 emissions within our supply chain to better understand our abilities to manage these with our suppliers By the end of 2024 SEP2 aim to have an established Environmental, Social and Governance committee which will have produced a report capturing the current initiatives that are in place within SEP2 to manage such considerations, as well as capturing a 12, 36 and 60 month plans detailing future initiatives in aim of meeting our NetZero by 2035 stated mission.

  Tackling economic inequality

  During one of the topical discussions in the Women in SEP2 group, Maya wanted to explore the reasons why, during recent recruitment for the SEP2 Central Response Team, only 7% of applications were Women. Maya said: “We considered the full route into Cyber Security, where does the interest begin? And how can we create opportunities? We decided it made sense to start with younger kids, getting them interested at an early age and showing them how exciting Cyber Security can be! We expanded this to not only girls and women, but to other minority groups who exist in schools and may not have the same level of access into a career in tech”. The outcome of this was the development of the SEP2 Cyber Schools initiative. SEP2 partnered with and invited local high schools within the Leeds area to come into the SEP2 offices and SOC and to participate in a day of activities to help educate students as to the potential career opportunities within the Cyber Security industry. Key goals of the event was to show the attendees of SEP2 Cyber Security School one of three distinctive areas of our business, as a good general starting point: 1. Attack (White hat, of course) 2. Defend 3. Analysis By providing a sample session on each focus area, we hope to encourage our students to be able to help identify their areas of interest and start to ask practical questions on how they can advance their learning to get one step ahead of their competition as they try to get their first foot through the door. We also held group presentations covering an overview of the industry as well as more practical sessions led by our People Manager who specialises in Learning and Development on topics such as CV writing.

  Equal opportunity

  SEP2 is a Medium Sized business, having between 50 and 250 employees. SEP2 is owned by three individuals, and a core commitment from the owners is shared and social responsibility. Within SEP2, there is a Share Ownership Scheme which over the past years and with future considerations included will see over 10% of the ownership of SEP2 be owned by our employees at all levels and across all teams. This is delivered primarily through a EMI incentive platform where employees are given actual shares, not share options as part of their ongoing development with SEP2. SEP2 have an award-winning Apprenticeship programme that spans a number of our different teams. Within the last 3 years we have had 20 apprentices join and go through this programme. Of the total, 8 are still within the programme and 8 have graduated into full roles within SEP2. Women in SEP2 is a community that fosters empowerment and collaboration. We aim to create a supportive and safe space for the Women in our business; a place where ideas can be shared, achievements celebrated, and advice sought from other Women in Tech. Each session is based around a 'Ponder Point', that we collectively think about before the session and come together to discuss. Anyone in the group can suggest a ponder point, some of the previous ones being Imposter Syndrome, Being Assertive Without Being Seen as a B*tch, and the underrepresentation of Women in Tech. Maya Lea-Langton, Cyber Security Analyst, has found a lot of value in joining these meetings. They said, “These sessions are also valuable for being a space to get to know people you may be unlikely to meet day-to-day due to remote working or being in different departments. Being able to have fun and thought-provoking discussions makes asking for help easier.”

  Wellbeing

  SEP2 pay the Living Wage to all employees SEP2 offer a number of benefits to our employees including being a member of the Cycle2Work Scheme to allow for employees to access bikes and cycling equipment without initial upfront expenditure. SEP2 are also a member of the TechScheme, which is a similar initiative allowing employees to purchase technology from places such as Currys via a salary sacrifice scheme. In addition, in 2022 to assist our employees with the cost of living crisis, SEP2 partnered with Sodexo to offer an employee benefit portal (SEP2 Rewards) that brings a huge number of options to our employees such as 3-10% savings on day to day shopping at locations such as Asda, Tesco etc, as well as benefits for the wider family such as discounted cinema tickets, bowling tickets etc. This is all available via an easy to use app and has enabled many of our employees to make significant savings across their daily spend. SEP2 provides our employees access to an Employee Assistance Program (EAP). The EAP provides; • Freephone advice, information and counselling service • 24 hours a day, 365 days of the year • Online information regarding health, fitness, nutrition and stress management resources SEP2 recognises the importance of employee wellbeing and seek to support this via Medicash, a healthcare cashback scheme which is delivered within our EAP program. With this benefit our employees are able to claim back their medical outgoings to a specific amount plus giving them numerous other services and products. Medicash can be extended to employee spouses and up to 4 children under the age of 18 who will receive half of the outlined monetary benefits.Medicash is available for all SEP2 employees and all new joiners will be auto enrolled onto the scheme

Pricing

• Price: £70 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@sep2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.