2T Security Ltd

Network Detection and Response with Corelight

Monitor your network fully with the Corelight Network Detection & Response (NDR) platform. NDR provides the most complete SOC network visibility, AI/ML tools, powerful detections, threat hunting capabilities, and accelerates investigation across your entire kill chain. NDR also has a number of integrations, including Splunk, Devo, Crowdstrike, and Microsoft Defender

Features

• Gain visibility of your network and devices that log on
• Explore DNS responses, file hashes, certificate details, and user-agent strings
• Powered by analytics, AI/ML, SOAR, improving efficiency and unlocking capabilities
• Establish a network baseline and store years' worth of activity.
• Integrates directly into your existing workflows to reduce false positives
• Clear, complete, and structured evidence making threat hunters more effective
• In built detection for C2, encryption, HTTP, DNS, and more
• Integrates with Splunk, Elastic, Devo, Kafka, Syslog

Benefits

• Fast investigation in to network based threats
• Integrates with existing enterprise tooling
• Supports hybrid cloud environments
• Extensible detection using built in Suricata and Zeek software
• Supports private, public, and hybrid cloud environments
• Rapidly deployed into ICS/OT and CNI environments

£6,000 to £1,000,000 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.badsey-ellis@2t-security.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

906652308852307

Contact

Antony Badsey-Ellis
07711 037701
tony.badsey-ellis@2t-security.com

Planning

• Planning service: Yes
• How the planning service works: We initially seek to understand how our clients want to detect network based threats within their infrastructure and what tools they want to integrate with. We use this to either manage the work using our consultants to deploy Corelight, or coach their own staff in the use of Corelight so that they can manage the solution thereafter. If we use our consultants for the design and deployment then we will build a work plan for the, based upon their project delivery schedule. If we coach their staff then we will help with their internal planning.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with: Corelight

Training

• Training service provided: Yes
• How the training service works: Online instructor based training is available at "quick start" and in depth levels.
• Training is tied to specific services: Yes
• Services the training service works with: Corelight

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: Corelight offer two levels of support, Standard and Enterprise. Offering a variety of options including:; - Telephone and Email support; - Up to 24x7 coverage; - 1 hour response to priority 1 incidents

Service scope

• Service constraints: Platform requires customer provided NAS/SAN to support Smart pcap features.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on final support agreement. Up to 24x7 with 1 hour response is available
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: E-mail support in the first instance. Telephone support can be provided by client-specific arrangement. A dedicated technical account manager is made available depending on complexity of final solution.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Corelight

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At 2T Security we are fully committed to continuously improving our environmental performance, examples of which include:; 1. We assist the development of Science, Technology Engineering, and Maths (STEM) at a grassroots level and are proud to sponsor Harrington Sixth Form School who take part in the GreenPower racing series. This supports our wider sustainability aims to use renewable energy sources.; 2. Where practical, travelling via the least impactful method for a given journey e.g., rail versus flying, public transport versus car.; 3. Using ecologically friendly solutions to meet our business needs.; 4. Managing waste generated from our business operations according to the principles of reduction, re-use, and recycling.; 5. Purchasing office consumables that are from a sustainable source, reducing the reliance on single-use items, and by recycling all paper products, ink, or toner cartridges.; 6. Becoming a net producer of sustainable energy, and supplement by only purchasing energy from “green” providers.; 7. Leased or owned company cars must have zero emissions.; 8. Working with suppliers who share our environmental aims.; 9. Measuring and making public our energy consumption, generation, and environmental impact, reviewing results, and looking at how we can improve.; 10. Complying, as a minimum, with all relevant environmental legislation as well as other environmental requirements.; 11. We refine our Social Value Method Statement and associated Action Plan on a regular basis.

  Covid-19 recovery

  2T Security has worked closely with Test & Trace (now UKHSA) programme over the last 3 years, and we continue to take Covid-19 very seriously. We remain committed to the wider Covid-19 recovery and some examples of this include:; 1. SMEs were significantly impacted by Covid-19, and this is why we support local businesses and Small to Medium Enterprise (SMEs), where possible, preferring them to larger or global suppliers. ; 2. Align to the Prompt Payment Code, which ensures that SMEs are paid within 30 days of receipt of an invoice.; 3. Taking an approach that doesn't view supply chain partners just as vendors but as collaborators working towards the successful end delivery to customers, behaving responsibly and delivering with mutual respect.; 4. We refine our Social Value Method Statement and associated Action Plan on a regular basis.

  Tackling economic inequality

  At 2T Security we are fully committed to tacking economic inequality, examples of which include:; 1. Implementing strategies to benefit the lives and wellbeing of those affected by our activities within the localities and communities. We have demonstrated this by assisting the development of Science, Technology Engineering, and Maths (STEM) at a grass roots level. As such, we are proud to sponsor Harrington Sixth Form School who take part in the GreenPower racing series. GreenPower Education trust is a charity organisation seeking to kick start careers in engineering. This also supports our wider sustainability aims to use renewable energy sources.; 2. We ensure we offer fair rates of pay, above the national average and minimum requirements.; 3. Offering summer placements to university students, helping to inspire future generations.; 4. Promote workforce diversity by targeting harder-to-reach and under-represented groups and communities. ; 5. Provide accessible, entry-level employment and training opportunities for local people and develop future talent. ; 6. Promote Fairness, Inclusion, and Respect (FIR) principles.; 7. We refine our Social Value Method Statement and associated Action Plan on a regular basis.

  Equal opportunity

  At 2T Security we are fully committed to continuously improving equal opportunities, examples of which include:; 1. Providing opportunities for those disadvantaged, for example employing a Ukrainian refugee to assist us with our ISO27001 certification.; 2. Deliver with transparency, supporting knowledge sharing, improving visibility and efficiency.; 3. Value everyone’s voice, regardless of role or where they reside in the supply chain.; 4. Respect and welcome diversity, relishing difference, ensuring everyone is treated equally, underpinned by our equal opportunities and diversity policy.; 5. Collaborate with people who uphold the same social values, ethical business practices and environmental ambitions.; 6. An active participant in the CyberFirst scheme since 2019, providing experience to summer students and year-in-industry students, and recruiting graduates to support their professional cyber security journey.; 7. Proudly providing sponsorship of the CyberFirst Girls Competition 2024, supporting, and encouraging woman in Cyber careers.; 8. Our resources have experience with job coaching in the community, helping those less fortunate get back into work, something we hope to continue to build on.; 9. Providing training and qualification opportunities to our people, supporting future development and progression.; 10. Working with charities and making charitable donations, for example our recent support of Osprey Leadership foundation, who work to inspire and enable young conservation leaders.; 11. We refine our Social Value Method Statement and associated Action Plan on a regular basis.

  Wellbeing

  At 2T Security we take health and wellbeing very seriously, examples of which include:; 1. Taking an integrative approach that doesn't view supply chain partners just as vendors but as collaborators working towards the successful end delivery to customers, behaving responsibly and delivering with mutual respect.; 2. Strive to be entrepreneurial in spirit and help new organisations, as well as our people, flourish.; 3. We support a healthy work life balance, supporting our employees with families and their wellbeing, focusing on delivery outcomes above the hours spent at a desk.; 4. Look to reduce ill health and improve wellbeing, underpinned by our health and wellbeing policy.; 5. We refine our Social Value Method Statement and associated Action Plan on a regular basis.

Pricing

• Price: £6,000 to £1,000,000 a licence a year
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony.badsey-ellis@2t-security.com. Tell them what format you need. It will help if you say what assistive technology you use.