Adarma Ltd

Adarma Security Operations Centre (SOC)

Cyber security monitoring and event detection, vulnerability and threat analysis and managing the effectiveness of client cyber security controls

Features

• Security incident detection through SIEM and security analytics
• Cyber security event and incident investigation with threat hunting
• Real-time device monitoring through SIEM technology products
• Custom data onboarding and log correlation solutions
• Custom security use case development
• Flexible deployment options for both SOC and technology solutions
• 24x7 onshore delivery centres
• Fast deployable multi-tenant SIEM platform (or on premise implementation)
• Strategic threat modelling
• Managed data analytics service

Benefits

• 24x7 security monitoring of customer infrastructure utilising leading security vendors
• Proactive identification of security incidents and abnormal behaviour
• Provides fast response to incidents alongside ongoing incident support
• Provides information for remediation and root cause analysis
• Agile and streamlined use case development
• Agile and streamlined route to live process
• Adherence to internationally recognised standards for Information Security Management
• Provides transparent and actionable information on threats
• Helps customer focus on their core business

£740 to £2,380 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at derek.macluskey@adarma.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

928852769381487

Contact

Derek Macluskey
07929 738513
derek.macluskey@adarma.com

Service scope

• Service constraints: Any constraints will be identified through discussion with the buyer.
• System requirements: We leverage clients' existing investments wherever possible.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All tickets initially responded to within 15 minutes.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: As defined by Service Level Agreements agreed through contractuals.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Live online training and documentation is provided and customised as part of the user on-boarding process
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users will be able to extract their data by raising a service ticket. This logs the request with Adarma and we will respond accordingly.
• End-of-contract process: Full off-boarding of data is included in the price of the contract.

Using the service

• Web browser interface: Yes
• Using the web interface: Web Portal and full SIEM access.; Buyers can raise work requests and check on the status of work requests
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Our web interface uses COTS software from Atlassian – details of their assistive testing is available at - https://www.digitalmarketplace.service.gov.uk/g-cloud/services/195272775878404
• API: Yes
• What users can and can't do using the API: Adarma use a wide range of integrations depending upon your chosen SIEM. e.g. Splunk App on their Splunk servers which communicates with our API to log tickets for security Events of Interest in our ticketing platform. API access is limited to a whitelisted set of IP addresses and uses HTTPS to encrypt data in transit.
• API automation tools: Other
• Other API automation tools: N/A
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: All services have sufficient available infrastructure and people in position to deal with any spikes on the platform.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other
• Other usage reporting: Adarma include utilisation within our regular service reporting.

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual machines
  • Databases
  • Ticketing information
• Backup controls: Dependant on the specific requirements of the buyer
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.5%
• Approach to resilience: Critical systems are provisioned over multiple availability zones in a high availability manner.; ; Further information is available upon request.
• Outage reporting: By direct liaison with the buyer within our Service Management function.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces for support purposes are limited to systems within our secure environment, or using our secure remote access solution with Multi Factor Authentication. Privileged access to our cloud platform also leverages Multi Factor Authentication. User access is periodically reviewed for appropriateness.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Access to workflow management is not publicly accessible from the internet. Access is managed through a combination of firewall policy and username and password.
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 01/05/2024
• What the ISO/IEC 27001 doesn’t cover: Our ISO/IEC 27001 certification covers the provision of the Operations Centre to Clients of network security monitoring and event detection, vulnerability & threat analysis, and the analysis of the effectiveness of Clients network security controls.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Adarma follows our own processes and policies which are aligned with our ISO 27001 accreditation.; ; All staff must partake in mandatory compliance training on relevant Information Security policies, procedures and legislation (eg. GDPR) upon joining the business, and on a yearly refresher basis thereafter.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Adarma have a robust configuration and change management process in line with our ISO certification. This follows ITL best practice
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Adarma has a ISO 27001 aligned process with automated Vulnerability Scanning tooling.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Further information is available upon request
• Incident management type: Supplier-defined controls
• Incident management approach: Adarma follow ITL service NIST Cyber security investigation standards

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: All customers have their own SIEM solution. Virtualisation is done using Role Based Access Controls and the provisioning of unique client Projects within workflow solutions
• How shared infrastructure is kept separate: Jira project segregation

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Adarma use Amazon Web Services (AWS) with datacentres in London and Dublin, we do not own a datacentre. As part of the partnering decision-making process, we gave the topic of energy-efficiency appropriate consideration and AWS was deemed to be compliant with the EU code of best practice.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our commitment to protecting cyber resilience is only matched by our commitment to preserving the world we call home. Recognising the urgency of the climate crisis and leading by example we are making a commitment to become carbon neutral by 2025 and carbon net zero by 2045, in line with the Scottish Government’s target.; As for operational excellence, we remain focused on securing the integrity of our supply chain by cooperating with partners who are committed to sustainability, diversity and inclusion. We believe partnerships are critical to helping us make progress in these areas beyond our operational control.; To benchmark ourselves and learn from other companies in our industry, we are working with EcoVadis, one of the world’s largest and most trusted providers of business sustainability ratings, to determine where we are and where we want to be.

  Covid-19 recovery

  Adarma offer a hybrid working model to provide a balance between at home and office working, and to help manage the impacts of COVID-19 on our clients and on our team. Our 24x7 managed services operation is underpinned by remote working as part of our pandemic response. ; We are committed to offering support for employees to ensure they have a comfortable and productive workspace when they chose, or are required, to work from home.; We have a designated Pandemic Response Team made up of key stakeholders in the company who are responsible for monitoring and responding as appropriate. All related communications, guidelines and useful supporting material are maintained centrally so that our staff can keep up to date with current guidance and the support available.

  Tackling economic inequality

  To address the cyber skills gap, we are developing new partnerships with schools, universities and organisations such as Skills Development Scotland to encourage more to consider a career in cybersecurity. We aim to raise awareness of the cybersecurity industry and create a graduate development programme to help foster early careers in cyber.; As a cyber security services provider, Adarma maintain a commitment to protect the confidentiality, integrity and the availability (CIA) of its data and systems. As Adarma operate to high ethical standards, we expect all suppliers to adhere to similar principles regardless of the nature of services provided to mitigate and manage cyber security risks. Our robust supplier assurance policy helps to ensure the protection of Adarma’s assets, our client's data and information, and our staff.

  Equal opportunity

  Our goal is to empower everyone’s access to equal opportunities, no matter who they are or their background. We are passionate about recruiting from a wider talent pool and prioritise people and their potential, not necessarily for their CV.; We have partnered with the Prince’s Trust to launch our ‘Get Started in Cybersecurity’ programme, a skills development initiative aimed at helping disadvantaged young people pursue a career in cyber.; Adarma is a proud signatory of the Armed Forces Covenant. By formally pledging our support for the armed forces community, we recognise the value service personnel, both regular and reservists, veterans and military families contribute to our business and country. ; We are a member of the Neurodiversity in Business (NiB) industry forum to support the participation of neurodivergent individuals in the workplace.

  Wellbeing

  Adarma pride ourselves in putting an emphasis on the holistic wellbeing of our People. This is reflected in the Employee Value Proposition that provides employees with a complete set of offerings to promote mental, physical and financial well-being. Regular reviews are undertaken to ensure offerings are used and refreshed. ; ; People are core to our business and we offer a range of benefits and support systems. This includes wellbeing support tools and programmes, including our mental wellbeing app, an external employee assistance programme, and a range of staff trained as mental health first aiders. Equally, we have staff who work within flexible arrangements, be it reduced hours, hybrid or remote working.; We also offer competitive benefits, including private healthcare, a competitive pension scheme, staff recognition and bonus programmes, cycle-to-work and tech purchasing schemes and many others.

Pricing

• Price: £740 to £2,380 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at derek.macluskey@adarma.com. Tell them what format you need. It will help if you say what assistive technology you use.