INTEGRITY360 LIMITED

Managed Cloud Security CNAPP Service

Architecture, deployment and support for Cloud Native Application Protection Platforms. CNAPP is a unified and tightly integrated set of security and compliance capabilities designed to secure and protect cloud-native applications across development and production, our service is a remote managed service that delivers cloud risk management and threat detection.

Features

• Design and delivery of the solution
• Vendor evaluation and selection support
• Help developing Cloud Risk management workflows
• Remote management of the CNAPP solution
• Modular service with CSPM, CIEM, CWP and CDR capabilities
• Integration with 3rd party partners and cloud ecosystem
• Managed Cloud threat detection and response
• Periodic and on-demand Cloud Risk Reporting
• Periodic service review with focus on priority value realisation

Benefits

• Reduce complexity using a unified Cloud Security Solution
• Reduce time and effort to implement Public Cloud Security controls
• Remove burden of day-to-day management
• Experienced & certified security analysts and engineers
• 24x7 coverage and avoidance of single-person dependencies
• Economies of scale
• Support to meet compliance and regulatory requirements

£20 to £100 an instance a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidreviewboard@integrity360.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

667809319825405

Contact

Paul Momirovski
+44 20 3397 3414
bidreviewboard@integrity360.com

Planning

• Planning service: Yes
• How the planning service works: We provide advisory to build a cloud risk assessment strategy to reduce business and operational risk, build the security architecture for public and hybrid cloud environments with the CNAPP solution in the center, in alignment with business goals to secure the customer cloud journey.; Our solution architects build the solution design and help our professional services team to build the solution and perform service transition to our SOC
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Check Point
  • Orca Security
  • Rapid7

Training

• Training service provided: Yes
• How the training service works: We provide Online CNAPP vendor-specific training via our partners.
• Training is tied to specific services: Yes
• Services the training service works with:
  • Check Point
  • Orca Security
  • Rapid7

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: We secure the client’s cloud journey via a cloud-centric converged solution that accelerates digital transformation by security the cloud environments from development to runtime. Capabilities container scanning, cloud security posture management, infrastructure as code scanning, cloud infrastructure entitlement management, runtime cloud workload protection and runtime vulnerability/configuration scanning.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Orca Security
  • Check Point
  • Rapid7

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Cyber Scheme

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by your organisation
• How the support service works: The service covers support and management for the CNAPP solution, and managed threat detection and response.

Service scope

• Service constraints: Management and support are provided remotely, using secure and encrypted management connections.; Engineer-to-site can be facilitated in emergency situations.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Based on priority, incidents response time ranges from 15 minutes to 1 working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: 1- Infrastructure support:; • Monitoring, patching, upgrades and infra incidents support for the platform; • Indicative cost: £15,000; 2- Solution management support:; • Managing policies and configurations; • Indicative cost: £30,000; 3- Security incidents support:; • Monitoring and response for security incidents; • Indicative cost: £15,000

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe
• ISO/IEC 27001 accreditation date: 22/10/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  Integrity360 has initiated several activities in support of the Covid-19 recovery. These include:; • The establishment of the organisation’s own committee to develop and review short-, medium- and long-term strategies,; • Employment, retraining and opportunities to return to work for those left unemployed by COVID-19; • Supporting people and community recovery from the impacts of COVID-19; o Being responsive and adaptable to the results of any community consultation or engagement,; o Activities taken to raise awareness of or take action to deliver the outcome based on the understanding of the identified community’s needs, for example raising awareness (staff, suppliers, or community) of how to operate or use services safely,; • Supporting organisations and businesses to recover from the impacts of COVID-19, including new ways of working to deliver services; • Supporting the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services; o Measuring staff’s physical and mental health and wellbeing engagement and adapting to any changes in the results; • Improving workplace conditions, including effective social distancing, remote working, and sustainable travel solutions; o The phased return to work, new signage, new equipment, and cleaning stations; o The review of the organisation’s business continuity and disaster recovery

  Tackling economic inequality

  Integrity360 has initiated several activities in support of tackling economic inequality. These include:; • Entrepreneurship, growth, and business creation,; o Identifying opportunities to grow diversity in the supply chain and in the community where contracts are performed, including SME and VCSE participation and new business creation,; • Employment,; • Education and training,; • Creating a diverse supply chain to deliver contracts,; o Structuring of the supply chain selection process in a way that ensures fairness and encourages participation by a diverse range of businesses,; • Supporting innovation and disruptive technologies throughout the supply,; o An understanding of opportunities to drive innovation and greater use of disruptive technologies, green technologies, efficiency, and quality to deliver lower cost and/or higher quality goods and services,; • Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity,; • Demonstrating collaboration throughout the supply chain, and a fair and responsible approach to working with supply chain partners in the delivery of contracts,; • Demonstrating action to identify and manage cyber security risks in the delivery of contract,; o A commitment to adopting technical standards and best practice, such as the ‘10 Steps to Cyber Security,’ NIST, Cyber Essentials and Cyber Essentials Plus certification, and further frameworks.

  Equal opportunity

  Integrity360 complies with all the equal opportunities laws in the jurisdictions in which it operates. The organisation’s social value measures include:; • Supporting in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the organisation,; o Measures using skill-based assessment tasks in recruitment, and having jobs at all levels open to flexible working from day one,; • Actions to identify and tackle inequality in employment, including skills and pay in the workforce,; o Inclusive and accessible recruitment practices, and offering a range of opportunities with routes of progression if appropriate such as industry placements and students supported into apprenticeships,; • Actions to identify and manage the risks of modern slavery in contracts, including in the supply chain,; o Policies and practices applied for contracts, such as pre-employment checks, to mitigate and manage modern slavery risks,; • Actions to increase the representation of disabled people in the workforce,; o Measures to reduce barriers to securing more jobs for disabled people, for example, inclusive and accessible recruitment practices, and retention-focussed activities,; • Supporting disabled people in developing new skills relevant to contracts, including through training schemes that result in recognised qualifications.

  Wellbeing

  Integrity360 has initiated several activities in support of wellbeing. These include:; • Supporting health and wellbeing in the workforce,; o Inclusive and accessible recruitment practices, development practices, and retention focused activities,; o Investing in the physical and mental health and wellbeing of the workforce, for example, by implementing ‘Mental Health at Work commitments,’ and outlining plans to engage the workforce in deciding the most important issues to address,; o Methods to measure staff engagement over time and adapt to any changes in the results,; • Influencing support for health and wellbeing,; o Measures to raise awareness or increase the influence of staff, suppliers, customers, communities and/or any other appropriate stakeholders to promote health and wellbeing, including physical and mental health; for example, through engagement, co-design/creation, training, and education, partnering/collaborating, and volunteering,; • Collaborate in codesign and delivery,; o Support to community-led initiatives, such as reducing loneliness, helping with English language proficiency, and helping meaningful social mixing among people with different backgrounds,; o Applicable employee volunteering schemes,; • Influence to support strong, integrated communities,; o Measures to raise awareness or increase the influence of staff, suppliers, customers, communities, and stakeholders to promote strong, integrated communities, for example, through engagement, training, partnering/collaborating, and volunteering.

Pricing

• Price: £20 to £100 an instance a year
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidreviewboard@integrity360.com. Tell them what format you need. It will help if you say what assistive technology you use.