Security Operations as a Service (MSSP)

An MSSP (Managed Security Service Provider) assists companies in the practice of FedRAMP, NIST, GDPR, ISO 27001, SOC2, PCI DSS and other regulatory compliance in meeting the criteria and controls of “Monitoring and Logging” without some of the tools and staff resource overhead. Here at ADHERE, we do this service (24X7X365) and as an added bonus, your Vulnerability Scanning and PenTesting.

ADHERE assists companies with the Planning, Building and Running of a Security Operations Center, as well as the SIEM (Security Information Event Management) as a Service. We partner with AlienVault and Hewlett Packard (HP) in building and running such SOCs.

The model we employ in preparing your organization for a Security Operations Service, is the Three Phase paid engagement model or built into your Service. .

Phase1: Plan/Assessment
Prior to beginning the running a SOC (Security Operations Center) or Service, a company should plan what the scope and process will be like.
• Architectural Review
• Scope review (what’s to be monitored, what’s not)
• Gain full requirements
• Recommend Policies/Procedures/Practices for SOC (based on environment)
• Create required documentation/wiki
• Create DR SOC scenarios
• Create baseline models and coorelations/directives
• Create Governance and Lifecycle
• Procure the right product or service

Phase2: Build
When ADHERE assists in building your company’s SOC or SIEM as a Service program we will also match with our supporting documentation. Each site will be inventoried for assets and mapped into the scope. We start running reports and dashboards for monitoring right after Phase 1 and most cases within 30 days.
• Implement tools
• Inventory all assets
• Add Routers & switches
• Add Load Balancers
• Add OS(Linux, Windows, etc.)
• Add scanners (Qualys, Rapid 7, Kenna, etc.)
• Add web & proxy servers
• Add Anti-Virus services
• Add critical applications
• Add secondary applications
• Add Custom applications
• Add log servers
• Add VPN servers
• Add FTP servers
• Add Databases
• And more

Phase3: Run/Support
ADHERE runs the SOC, alerts, notifies and recommends specific solutions (not something all services do) or mitigation. We have a full staff working with you to ensure speed to resolution.
Through the process ADHERE provides guidance, support and honest feedback on your readiness state, should you prepare to resource in house at some point, or stay with us (we’d love that)!

Comments are closed