
Detect & Protect

Our fully managed security service (SOC & SIEM), developed by ex-GCHQ cyber ‘offense’ operatives and used by, among others, The Bank of England, monitors, detects and reacts to threats in real time, enabling your clients to achieve a maximum risk reduction of up to 98%.

  • Activity and Security Analysis

Detect & Protect collects system and security data from your IT devices (on-site or cloud) and then forwards it securely to us. This data is indexed and analysed against bespoke rule-sets as well as a threat intelligence database to identify potential threats and behavioural anomalies and to detect actual intrusions.

  • Intrusion Detection

Detect & Protect provides real-time scanning that looks for cyber threats and suspicious anomalies at the host level. This enables analysts to investigate and respond to advanced threats and attacks against your IT. By integrating the Cyber Tec Security Threat Intelligence database to identify indicators of compromise, Detect & Protect can uncover the more complex exploit processes used to bypass Anti-Virus systems.

  • Flexible Incident Response

Detect & Protect can provide an optional automated active response service that can be used to block a network attack, stop a malicious process or quarantine a specific user or file. This tailored service will be developed to meet your organisation’s individual automated response requirement.

  • Vulnerability Assessment

The automated vulnerability assessment feature helps to find the weak spots in your IT. Detect & Protect uses the output from the software audit to provide a continual vulnerability assessment for each monitored device.

Detect & Protect achieves this by comparing the results against the latest CVE (Common Vulnerabilities and Exposures) database of known vulnerabilities to identify weaknesses that need to be addressed.

  • File Integrity Monitoring

Detect & Protect monitors selected files to identify changes in the content, permissions and attributes of files that are important to an organisation, such as files that a hacker or malware would target, or those containing sensitive financial information or personal data in HR records.

Detect & Protect will generate an alert if it detects that a file has been changed or modified and can identify the user(s) involved. File Integrity Monitoring will also provide inputs into the Detect & Protect regulatory compliance service.

  • Security Configuration Assessment

Detect & Protect monitors operating system and application configuration settings to identify where areas of potential attack can be reduced. Detect & Protect will detect and alert against common system misconfigurations that may be present on monitored devices. Each device will have a security configuration assessment score that will be available through the user dashboard. These scores can be benchmarked and tailored against an organisation’s security policy.

  • Regulatory Compliance

Detect & Protect alerts and reports against compliance with some of the mandatory security controls for various industry standards and regulations. Detect & Protect is configured and mapped to the technical controls of Cyber Essentials, ISO27001, PCI DSS (Payment Card Industry Data Security Standard), GDPR, NIST and HIPAA.

  • User Dashboards

Detect & Protect has been designed with its own unique user-accessible dashboard. Each dashboard is pre-configured to display the core features of Detect & Protect and can be tailored to meet the individual needs and requirements of each company. This single interface provides a real-time view of your monitored IT infrastructure that has been identified as part of the Cyber Tec Security managed service.

Detect and Protect (SOC/SIEM)

Our fully managed security service (SOC & SIEM), developed by ex-GCHQ cyber ‘offense’ operatives, monitors, detects and reacts to threats in real time, enabling you to achieve a maximum risk reduction of up to 98%.

Price available upon request (per user / month)

  • Cyber Dashboard Access
  • Daily Software Audit
  • Vulnerability Assessment
  • Security Configuration Assessment
  • Intrusion Detection
  • File Integrity Monitoring
  • Regulatory Compliance Dashboard
  • Customised Dashboard
  • Threat Intelligence
  • SOC analysis and alerting
  • Microsoft Azure AD API Integration
  • Microsoft Office 365 API Integration (Exchange / SharePoint / Teams)
  • On Premise (VM) Log Collector (Firewall / Router / Switch / NAS)