NVT Group

Concepta XDR & SOC

Concepta XDR & SOC is an all-in-one cyber security platform. It includes all the prevention, detection, correlation, investigation and response you need, backed by a 24/7 Security Operations Centre (SOC) service, without the traditional costs and complexities.

Features

• Security automation, with automated investigation and response.
• Extended threat detection and response (XDR).
• User Behaviour Analytics.
• Endpoint protection by next generation Anti-Virus.
• Protection from and detection of ransomware attacks.
• IT tools to reduce attack surface and shorten response times.
• SaaS Security Posture Management - automatically identify, prioritise, fix risks.
• Data correlation and forensics across the IT environment.
• 24/7 Security Operations Service.

Benefits

• Extended visibility to prevent and detect threats.
• A 24/7 SOC service to proactively monitor your environment.
• Collect and correlate alerts and data to identify suspicious activity.
• Ensure your SaaS applications aren't introducing security risks.
• Fully automate threat investigation and remediation actions across your environment.
• Everything you need, straight out of the box.

£80 to £80 a device a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

898614044241172

Contact

Dougie Weir
01698 749000
public_sector@nvt.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The service is compatible with latest Windows, Linux, Apple Operating Systems. The only restrictions could be due to ageing software. No other known constraints.
• System requirements:
  • Software licenses available to purchase.
  • Internet access is required to use the service.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The service is available 9am-5pm, Monday to Friday. However, 24x7 service is also available and can be priced separately. All service agreements include a Service Level Agreement which is agreed with the client. This document outlines the service deliverables.; ; Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: NVT can and will engage with customers as required and permissable prior to and during the purchasing process to better understand the breadth of requires and complimentary technologies. NVT will engage to understand how the Concepta XDR & SOC is to be deployed (public, private or hybrid cloud) and what paramaters, tolerances and policies are to be implemented. Users will be provided training (online or on-site) on how to create dashboards and collate/gather custom data feeds. Full documentation will also be made available as per our standard governance.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The only user/customer data that will be stored relates to data collected as part of the security process (logs and analysis) along with custom dashboards, configurations and policies.; ; Any customer specific data and or policies/configurations will be provided to the customer on their chosen media along with comprehensive documentation before going through the appropriate and necessary deletion/destruction.
• End-of-contract process: The primary objective of the Exit Management Plan is to enable an orderly cessation and smooth migration from the Supplier to the customer and/or its Replacement Service Provider. This includes the handover of responsibilities, services, assets and any other items or information necessary, with a view to the customer and/or the Replacement Service Provider operating a replacement service for the Services, with effect from the date of termination of this Agreement in a cost effective manner. This ensures business continuity and minimal disruption to the Council’s business operations.; ; In the event of the partial termination of this Agreement, or of the termination of a discrete Service Tower, the provisions of this Schedule shall be applied (with the necessary changes) in relation to the terminated Services in accordance with the provisions of our internal policies.; ; The Exit Management Plan will be prepared on the assumption that the Services will be transferred to the customer or a Replacement Service Provider on termination or expiry of this Agreement.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No difference in functionality. The only difference is the look of the interface on mobile phones.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Web interface allows you to manage and remediate any alerts or threats that may be indentified.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Information on testing can be provided on request, via the associated vendor.
• API: No
• Customisation available: Yes
• Description of customisation: Management of policies, scans and schedules can be configured through the console.

Scaling

• Independence of resources: Each customer has their own independent private cloud portal and these are deployed across multiple highly available AWS datacentres. Due to the overall resources available in these datacentres, processing is expandable readily whenever any resource reaches 60% utilisation, therefore no single instance is impacted by another instances' demand.

Analytics

• Service usage metrics: Yes
• Metrics types: The service offers real-time dashboard reporting, as well as historical metrics in report format. Both provide a number of alerts, indentifiable agents and any threats visible on every endpoint.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Cynet

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Concepta XDR & SOC is not a data storage platform, its primary function is to protect networks, data and infrastructure. However, any data generated by the application will be erased and historical data can be provided on the clients preferred media then subjected to destruction during decommissioning process.
• Data export formats: Other
• Other data export formats: JSON
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Concepta XDR & SOC has been built within AWS data centres, providing high availability, resilience and data centre failover across AWS environment. All this means we can guarantee 99.99% availability.
• Approach to resilience: Concepta XDR & SOC is hosted in AWS data centres.; ; Information about resilience is available on request.
• Outage reporting: Any service outages are reported via our Information Technology Service Management (ITSM) system which automatically alerts clients via email and client web portal.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is stringently restricted by way of federated active directory services and two factor authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Exova BM Trada
• ISO/IEC 27001 accreditation date: 06/08/2015
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: NVT Group is certified for ISO:27001 and, as such, has a set of policies and processes in place to ensure compliance.; NVT Group has an appointed Compliance officer to interface with the management on security aspects and also is the conduit to the UKAS accredited audit partner.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our certified standards ISO9001, & ISO27001 define our configuration and change management processes and procedures are fit for purpose. Each change request is logged and tracked through our call management application, subject to approval and manged to successful implementation or conclusion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The service this solution offers provides cyber security defence.; If the environment is compromised, the solution protects the internal environment from any cyber security threats and shuts down the attack immediately.; ; Patches are deployed in real time, as and when required.; ; Regarding potential threats, the dark web is monitored and any potential threats are highlighted and patches deployed to our service.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Concepta XDR & SOC is an all-in-one cyber security platform. It includes all the prevention, detection, correlation, investigation and response needed to protect the service and is backed by a 24/7 SOC service.; ; The deployed software intercepts threats that have compromised perimeter firewalls. The software detects and prevents intrusion and then alerts the Security Operations Centre for any remediation work.
• Incident management type: Supplier-defined controls
• Incident management approach: NVT Group operate an ITIL aligned customer Service desk. The service desk will be the focal point for the reporting, tracking and management of all incidents. Incidents can be reported either by phone, email , portal self service or can be automatically reported via our Monitoring and Management solution. Incident reporting and escalations are in line with ISO9001 standards with a clear and defined process in place and available upon request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Please enquire with us directly about our social value activities and commitments.

  Covid-19 recovery

  Please enquire with us directly about our social value activities and commitments.

  Tackling economic inequality

  Please enquire with us directly about our social value activities and commitments.

  Equal opportunity

  Please enquire with us directly about our social value activities and commitments.

  Wellbeing

  Please enquire with us directly about our social value activities and commitments.

Pricing

• Price: £80 to £80 a device a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: One month free trial, with full availability.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.