DCO and CSOC Malware and Intelligence
A unique service combining best-of-breed open source and commercial COTS technologies to enable cyber threat intelligence and malware analysis capabilities. 3Dot Solutions has a proven pedigree in integrating technologies into a workable pipeline to ensure analysts are operational and organisations can operationalise CTI and malware analysis functions.
Features
- Intelligence maturity assessments
- Intelligence stakeholder mapping, prioritisation and intelligence production planning
- Intelligence management & collections management planning
- Intelligence data management planning and implementation
- Bulk data collection and exploitation
- Cyber Threat modelling frameworks
- Near real-time malware analysis and tactical intelligence production
Benefits
- Plan and execute a cost effective CTI programme
- Ensure stakeholders receive actionable intelligence
- Understand key cyber threats to your organisation and take action
- Produce highly contextual intelligence by exploiting and analysing internal data
- Reduce costs and improve efficiencies in your cybersecurity programme
- Share intelligence and collaborate with partners in your industry
Pricing
£595 to £1,895 a unit
- Education pricing available
- Free trial available
Framework
G-Cloud 13
Service ID
593050492491208
Contact
3DoT Solutions
Michael
Telephone: 0870 314 3368
Email: info@3dot.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- None
- System requirements
- Licence procurement for any desired COTS services or technologies
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 4 hour triage period
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- None
- Onsite support
- Yes, at extra cost
- Support levels
- Standard support offering of Monday to Friday 0900 – 1700. Phone response within four hours. Additional support can be provided for an extra cost; this is variable but designed to meet the customer needs, up to dedicated 24/7 support.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Once requested, the service starts with a series of discovery meetings with relevant stakeholders, to ensure the service is bespoke to achieve the client requirement. Training is provided to ensure clients understand the service, integrations and any ongoing support and maintenance.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- Other
- Other documentation formats
-
- Microsoft Office
- Open Office
- End-of-contract data extraction
- 3Dot Solutions does not store any data on behalf of the client. All data is contained within repositories on premise or in public or private cloud environments.
- End-of-contract process
- The 3Dot Solutions service includes discovery activities, architecture, design and implementation to the agreed MVP. Additional features or ongoing support and maintenance are charged at additional rates.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- WCAG 2.1 AAA
- API
- Yes
- What users can and can't do using the API
- APIs are used to integrate the various technology stacks and enrich data from any desired third parties
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- The 3Dot Solutions DCO and CSOC Malware and Intelligence service is fully customisable to suit the end client requirement.
Scaling
- Independence of resources
- The 3Dot Solutions service is scaled to meet user demand. Contention rates are agreed and suitable SLAs established to ensure user access is not affected.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Full analysis of API usage, bandwidth and storage metrics is available on request.
- Reporting types
-
- API access
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Users are able to export data via APIs or file export features
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- STIX
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- STIX
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Availability requirements are agreed with the customer on service commencement. Service credits can be issued for non-compliance if required.
- Approach to resilience
- Service resilience information available on request.
- Outage reporting
- Outage reporting is agreed with each individual client based on their needs, but can include dashboards, APIs, emails, monthly reports, etc.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Full and authoritative identity and access management is enforced, including disabling of common accounts such as admin/guest.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- NIST / Cyber Essentials
- Information security policies and processes
- 3Dot Solutions has a full set of security policies and processes defined via an ISMS
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Full change and configuration management is offered for this service in accordance with ITIL guidelines
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- 3Dot Solutions operates a robust Threat and Vulnerability Management process and set of procedures. Threat Intelligence is routinely monitored and patching is carried out in line with industry best practice timescales.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- 3Dot Solutions offers a full protective monitoring service, as required by clients as part of the service offering, or can feed logs or other data into an existing SOC service, if this is preferable to the client.
- Incident management type
- Supplier-defined controls
- Incident management approach
- 3Dot Solutions Incident Management processes align to the NCSC best practice
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
- 3Dot Solutions gCloud offering aims to support the fight against climate change by advising and influencing stakeholders in the adoption of cloud prevalence, leading to a reduction in data centre single usage HVAC. This includes promoting less reliance on hardware based appliances in favour of software or container based solutions where multiple roles can be combined to reduce carbon emissions.
- Covid-19 recovery
- 3Dot Solutions gCloud offering aims to promote new ways of working by recommending, promoting and assisting in the delivery of cloud based solutions which offer new, yet secure, access and delivery of services through appropriate technology. This includes the ability to increase remote working on classified data and systems.
- Tackling economic inequality
- 3Dot Solutions is committed in all aspects of its business to support and foster the next generation of workforce, by creating and providing relevant opportunities in high growth areas such as the services offered through this gCloud offering. This is achieved through supporting opportunities presented through the likes of the Generation nonprofit organisation.
- Equal opportunity
- 3Dot Solutions is an equal opportunities supplier, and does not prejudice employment decisions relating to disability, disadvantaged or minority groups.
- Wellbeing
- 3Dot Solutions promotes healthy wellbeing through its method of deliverable based work, placing emphasis on a strong life and work balance, especially in a post pandemic work setting. Particular emphasis is placed on mental wellbeing, where regular activities outside of the working environment are arranged alongside encouragement to talk about difficult problems whether that be professional or personal.
Pricing
- Price
- £595 to £1,895 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Trial periods and POV are available on request.