NetUtils logoi

e: info@netutils.com | t: 020 8783 3800

NetUtils logoi

t: 020 8783 3800

Managed Security Services

NetUtils Security Operations Centre

The NetUtils SOC-as-a-Service is backed by a team of certified security analysts and uses the latest cutting-edge technology to protect organisations of all sizes.

With one comprehensive cloud-native platform, we defend organisations by using artificial intelligence and computer vision to monitor systems for suspicious activity. The NetUtils SOC-as-a-Service offers your business 24/7/365 monitoring and increased visibility into your network, and our next-generation tech, including our fully managed SIEM and AI analytics platform, can even help you prepare for zero-day attacks.

In the event of a potential security breach, our team will immediately alert you and take steps to protect your data at any time.

Security Operations

Data Analysts

Log Security Monitoring

Office 365 Monitoring

Log Security Monitoring

The NetUtils SOC provides you with access to a fully managed 24/7/365 security operations centre. The service uses leading edge technology paired with human talent, with just a single objective, to monitor your network, protect your assets and keep your business safe.

The SOC collects, aggregates, and normalises log data from hundreds of sources for AI enabled analysis using an analytics platform, SIEM, threat intelligence, and of course the individuals manning the 24/7/365 operations centre. Our service identifies threat-like behaviour in your systems such as impossible logins, multi-factor bypass, coordinated attacks, and rogue agents.

Log Security Monitoring Key Features:

  • Hundreds of Support Integrations
  • SIEM Analysis
  • AI Analytics Engine
  • Self-service Reporting
  • Deployment of physical or virtual appliance for on- prem logs (like syslog)
  • Supports key industry and regulatory compliance standards such as continuous monitoring
  • and log retention
  • ROI on existing investments – Merge data from your existing security tools with multiple sources to provide greater visibility and re-use existing investment

Typically Log Security Monitoring will protect you against activities like:

3rd Party Violation

Monitors activity by external vendors and partners who have access to organisational systems, to identify anomalous behaviour or escalation of privileges.

Anomalous Privilege Escalation

Detects users changing or escalating privileges for critical systems.

Unauthorised Access

Monitoring who is accessing devices and where they connect to, and alert when source or target is unknown or suspicious.

Multi Vector Attack

Correlates data from multiple sources to get consolidated visibility of multiple attacks.

Compromised User Credentials

Uses behavioural analysis to detect anomalous behaviour by users, indicating a compromise. For example, logins at unusual hours or at unusual frequency.

Cloud Infrastructure Attack

Alerts on threat-like behaviour in AWS services.

O365 Security Monitoring

 

The NetUtils SOC monitors Office 365 activity using an analytics platform, SIEM, threat intelligence and 24/7/365 Security Operations Centre to identify threat-like behaviour such as unauthorised access to cloud mailboxes, admin changes in the environment, impossible logins, and brute force attacks.

O365 Security Monitoring Key Features:

  • SIEM Correlation & SOC Analysis
  • Support for custom alerting and reports
  • Visibility to login activity in the dashboard
  • Detects potential threats of suspicious activity in Office 365
  • Supports industry & regulatory compliance requirements

Typically O365 Security Monitoring will protect you against activities like:

Malicious Admin Changes

Tracks admin activity and changes to the O365 tenant.

Failed or Unauthorised Access

Detects failed or suspicious login attempt.

Foreign Login

Monitors geolocation access with IP location sourcing and login from suspicious or unusual countries.

Suspicious Email Forward

Alerts when email forwarding rules have been created outside of the domain.

Impossible Login

Detects logins from different geolocations within a short period of time.

Unauthorised Delegate Access

Tracks when emails delegates are added.

The Human Element – The SOC Team

Fully managed Security Monitoring means our automated advanced search & detection technology is backed by a team of certified security analysts. These experts in the Security Operations Centre (SOC) manage, tune and monitor our systems and your business’s data 24/7/365 to ensure you are protected.

The SOC Team protects your business with the combination of machine and human analysis. We use some terms and processes in our service delivery that hopefully give you some context into the workings behind the scenes.

Definition

  • Alert – An observable occurrence in a protected server, application, or, more broadly, the internet that may imply a potential threat to an information system or a potential compliance issue.
  • Alarm – A pattern of potentially malicious activity that implies an identified threat to an information system, violates acceptable use policies, or circumvents standard security practices. We classify incidents into three threat severity ratings: High, Medium, and Low.

 

Expert SOC Research, Escalation, and Response

– Identified incidents are reviewed and researched by security certified professionals who:

  • Proactively research threats
  • Our SOC experts are skilled in threat research and the art of the identification of suspicious activity known in the industry as “Threat Hunting.”
  • Escalate priority incidents

Ready 24/7/365, our team of experts are trained in straightforward explanations of security findings. Priority Incidents / Alarms are escalated to you according to your designated escalation path.

  • Respond for Remediation

When an escalated incident requires remediation, our SOC experts are available to provide remote remediation assistance and advice.

About NetUtils

We are a leading UK specialist integrator of network, security and data solutions for enterprise, telco, MSPs and ISPs. With more than 27-years history and over 400 enterprise and service provider clients including many listed within the FTSE 100, NetUtils brings its customers the depth and breadth of people, technologies and services to improve business performance in this ever-changing digital world.

© Network Utilities (Systems) Limited 2021

020 8783 3800

09:00 – 17:30