Security Operations as a Service (MSSP)

An MSSP (Managed Security Service Provider) assists companies in the practice or ISO 27001, PCI DSS and other compliance in meeting the criteria and controls of “monitoring and Logging” without some of the tools and staff resource overhead.

ADHERE assists companies with the Planning, Building and Running of a Security Operations Center, as well as the SIEM (Security Information Event Management) as a Service. We partner with AlienVault and Hewlett Packard (HP) is building and running such SOCs.

The model we employ in preparing your organization for a Security Operations Service, is the Three Phase paid engagement model.

Phase1: Plan/Assessment
Prior to beginning the running a SOC (Security Operations Center) or Service, a company should plan what the scope and process will be like.
• Architectural Review
• Scope review (what’s to be monitored, what’s not)
• Gain full requirements
• Recommend Policies/Procedures/Practices for SOC (based on environment)
• Create required documentation/wiki
• Create DR SOC scenarios
• Create baseline models
• Create Governance and Lifecycle
• Procure the right product or service

Phase2: Build
When ADHERE assists in building your company’s SOC or SIEM as a Service program we will also match with our supporting documentation. Each site will be inventoried for assets and mapped into the scope. We start running reports and dashboards for monitoring right after Phase 1 and some cases within 30 days.
• Implement tools
• Add FW & IDS/IPS
• Add Routers & switches
• Add Load Balancers
• Add OS(Linux, Windows, etc.)
• Add scanners (Qualys, Rapid 7, etc.)
• Add web & proxy servers
• Add Anti-Virus services
• Add critical applications
• Add secondary applications
• Add Custom applications
• Add log servers
• Add VPN servers
• Add FTP servers
• Add Databases
• And more

Phase3: Run/Support
ADHERE runs the SOC, alerts, notifies and recommends specific solutions or mitigation. We have a full staff working with you to ensure speed to resolution.
Through the process ADHERE provides guidance, support and honest feedback on your readiness state, should you prepare to resource in house at some point, or stay with us (we’d love that)!

Comments are closed