Claranet Limited

Managed Detection & Response (MDR)

Claranet's MDR service will detect, identify and analyse threats and risks targeting your network. Our dedicated Analysis team will provide incident notification and response activities including remediation guidance on how to mitigate any threat. We provide post remediation activities to help shape your security posture and limit your risk exposure.

Features

• Assisted installation
• Online portal for simple ticket management
• 24x7 monitoring of your security alerts
• Remediation advice
• Threat Intelligence using open and closed sources
• Advanced threat hunting
• Standard and customisable detection rules
• Monthly reports covering incidents and threat hunting
• Quarterly service reviews
• Comprehensive Reporting for compliance and auditing Service benefits

Benefits

• Improved management of your environment, leading to better security outcomes.
• Reduced burden on IT staff.
• Improved response times to security incidents.
• Access to our specialised security expertise.
• Reduced costs associated with building and maintaining a security team.
• Advanced analytics and threat hunting.
• Incident categorisation and prioritisation based on your network.
• Custom use case design and development.
• Tuning and filtering to reduce noise and support cost.

£36,000 to £250,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

550636386401538

Contact

Claranet UK Bid Team
020 7685 8000
UK-bidteam@claranet.com

Planning

• Planning service: Yes
• How the planning service works: Managed Detection and Response as a service requires careful planning, and we are there at every step.; ; From initial scoping calls identifying the drivers and requirements, to initial needs documentation and design considerations such as what to log and if required locations to deploy sensors. Network design and traffic mapping is required to understand traffic flows, to collate an inventory of assets to monitor and the best log collection methods. Log collection techniques also come into consideration based on applications, OS, function, and business value.; ; This information forms the basis of the Data Storage requirements and ultimately the license / managed services costs. Following this, compliance requirements are understood and taken into the design.; ; Discussions around the managed service, escalation paths, authorised points of contact are all gathered ensuring you receive the service you require. We gather all of the relevant information and use this to create a structured SOW which outlines design, collection, function of the technology, and service.; ; The SOW also includes deployment time frames, phased approaches for large scale deployments, and recommendations aligned with best practice which may offer deployment options. Once these steps have been completed a proof of concept is recommended to validate the design.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Managed Detection and Response
  • SIEM as a Service
  • Security Operations
  • Microsoft Sentinel
  • USM Anywhere

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: The MDR service can provide security monitoring to cloud technologies. Sensors can be placed in AWS or Azure and monitor access, user behavior, and files being accessed and modified.; ; Moving from on premise to a cloud solution can be tricky with elevated privileges during the transition being utilised for staff. MDR can monitor both on premise and cloud while the transition happens and after can continue to monitor your cloud environments.; ; Migration between cloud providers happens in the same way, sensors are deployed to existing instances and to new, allowing consistent monitoring during transitional phases and allowing for protection to be in place before, during, and after the transition has been completed.; ; Our solution can also support your Microsoft estate through Microsoft Sentinel.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: MDR takes measures to ensure that the end-to-end test is concluded before the go-live of the service, which validates that the technology and service are ready for live delivery. The quarterly service review assists in monitoring the quality of the service and covering any updates and changes. This review is a two-way service meeting that promotes customer feedback and ideas.; ; In addition, SLAs have been set up to ensure that a continuous and transparent approach to service delivery is in effect. The usage of these SLAs functions as a quality assurance procedure that helps maintain the quality of service.; ; Furthermore, performance testing of the solution occurs with tuning and filtering to minimise the number of false positives and noise from the monitoring platform. This process emphasises quality in service delivery and ensures efficient performance.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Vulnerability Assessments
  • Threat Intelligence
  • Continuous Security Testing (CST)
  • Red Teaming
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • OCSP
  • MS AZ-500
  • MS SC-200
  • AWS Security Specialty
  • SANS-GIAC
  • GMON
  • MS AZ-900
  • MS AZ-104

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Our MDR solutions can where applicable manage all technology components of the solution and service. For troubleshooting, maintenance issues etc, the MDR team support every element via a USM Anywhere deployment.; ; We can also provide a managed security service overlay for your Microsoft Sentinel instance.

Service scope

• Service constraints: There are no general constraints, however specific constraints maybe found during scoping and design exercises.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Incidents are categorised by priority or "P" levels and responded to accordingly. A P1 incident which typically relates to a key system/s being compromised, we would offer an SLA of 15 minutes following initial triage for an initial response. A P4 which is more likely to be informational or low risk to the client would have an SLA of 4 hours for a response following triage.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: We provide the one support level which consists of a full 24/7 365 monitoring of your security alerts, remediation advice, threat intelligence, and threat hunting.; ; Threat hunting involves Claranet’s Analysts performing proactive searches for potential breaches. These threat hunts search for IOCs based on Tactics, Techniques, and Procedures (TTPs). Threat hunting for specific TTPs involves having a deep understanding of the MITRE ATT&CK® Matrix for Enterprise.; ; A standard set of detection rules and the ability to create custom detection rules.; ; During onboarding and continuing through live service the alerts will be tuned to remove as many false positives as possible to ensure that Incident notifications remain relevant. ; ; A Monthly Report will provide a summary of the Incidents discovered during the month, all P1 to P5 Incidents, and outcomes of threat hunting. ; ; Once per calendar quarter, Claranet’s Cyber SOC Team will conduct a Quarterly Service Review with the Customer. During this meeting both parties will discuss the Incidents processed, break downs of false positives / benign Events vs Incidents, SLA metrics that have been met, service improvement recommendations, etc.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: AT&T Cybersecurity (AlienVault) and Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DAS
• ISO/IEC 27001 accreditation date: 06/06/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: 7Safe Limited
• PCI DSS accreditation date: 11/01/2019
• What the PCI DSS doesn’t cover: Our PCI-DSS only covers physical security requirements 1 to 8. 10 and 11 are not covered
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO22301

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Sustainability is a core element of our CSR strategy. At Claranet, we recognise the significance of our environmental footprint, even if it’s small, and are dedicated to perpetual improvements in energy conservation and waste minimisation throughout our operations. Our Senior Management Team has defined environmental and energy policies with a structure for setting and revising environmental objectives and goals.; • Our approach to environmental management includes:; • Committing to lessen our environmental impact.; • Integrating environmental performance and management into our business practice.; • Encouraging recycling and eco-awareness across our workforce, clientele, and suppliers.; • Reducing eco-toxic emissions from company vehicles.; • Reducing our energy use.; • Aligning with stakeholders to meet or excel in environmental standards.; • Adhering to applicable environmental laws and regulations.; • Conducting regular audits to measure and report on environmental metrics and establish goals.; Our energy management is focused on:; • Complying with legal standards for energy use.; • Implementing and, where possible, exceeding best practices for energy management.; • Allocating resources to meet our energy objectives and improve our management system continuously.; • Procuring energy-efficient solutions and services when feasible.; • Using data to monitor significant energy use and set targets for reducing consumption across the enterprise.; Our commitment to sustainability is reinforced by certifications such as ISO14001 for Environmental Management, ISO50001 for Energy Management, and the Cisco Environmental Sustainability Specialisation.; Aiming for net zero by 2050, we are proactively seeking ways to achieve this sooner. Our efforts are transparent, with an external Carbon Reduction Plan available upon request.

  Equal opportunity

  Offering the opportunity to advance our people’s professional development is one thing, however, ensuring that everyone, no matter who they are, has that opportunity is something that we pride ourselves on. Diversity and Inclusion is a highly regarded topic at Claranet and one that we strive to work towards. We are committed to driving diversity and inclusion in a measurable way. ; Our HR and Management teams are working closely on diversity and inclusion initiatives to support the reduction in the gap in pay between men and women. We have a group of employees who have volunteered themselves to work together the ensure some of the most meaningful diversity and inclusion dates throughout the calendar year are acknowledged and/or celebrated with the goal of ensuring all of our employees feel a sense of belonging at Claranet. We are a signatory with the Tech Talent Charter (TTC) who pride themselves on bringing organisations together to drive greater diversity and inclusion within the Technology sector. Not only does this support women getting into technology, but those from multi-ethnic and lower socio-economic backgrounds as well. We are excited to be a part of this movement and hope to contribute to making the UK technology sector truly inclusive. We are also one of the founding members of the Technology Community for Racial Equality (T4CRE). We are proud to support this organisation that is focused on promoting diversity, equity, and inclusion in the technology industry (https://tc4re.org/who-we-are/). ; Our recruitment strategy and policy also heavily supports this. The makeup of our Senior Management Team further evidences our commitment to inclusivity, as it continues to represent an equal split between men and women, which is essential to leading a diverse workforce and promoting equality.

  Wellbeing

  Claranet are passionate about people and fostering a healthy and nurturing work environment.; Our dedicated Wellbeing and Engagement team, work in partnership with external providers to deliver our health and wellbeing scheme: Health is Wealth. The scheme is comprised of talks led by professionals, access to exercise classes, discounted gym memberships and access to a fully trained Mental Health First Aiders team. Some of our notable events include, a Stress Awareness seminar, Disability Awareness talk delivered by Lee Spencer, Employee led activity to celebrate Neurodiversity Week, Women in technology celebrations, Happiness in the Workplace celebration week and Imposters Syndrome webinar. Our in-house team plan employee activity based on employee feedback and suggestions, enabling us to deliver a very diverse programme and support network within the workplace.; In conjunction with this we also provide all employees with access to the Employee Assistance Program (EAP). This facility provides an independent, confidential, and unlimited service available 24 hours a day, 365 days a year. It provides access to specialist professionals who offer advice on stress and anxiety as well as a range of other issues such as bereavement support, legal guidance, and health related issues.; Our employees also benefit from core and voluntary benefits including dental cover and private medical that covers pre-existing conditions with a range of options to cover partners or families. Voluntary Critical Illness Cover of up to £150,000 also gives our employees and their families financial and practical support at times of need.

Pricing

• Price: £36,000 to £250,000 a unit a year
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK-bidteam@claranet.com. Tell them what format you need. It will help if you say what assistive technology you use.