RocketCyber Managed SOC

RocketCyber Managed SOC is a white-labeled managed security operations center that leverages the RocketCyber Threat Monitoring Platform to detect malicious and suspicious activity across three critical attack vectors - endpoint, network, and cloud. It offers a multi-tenant cloud architecture fueled with integrated threat intelligence, and a built-in app store with purpose-built threat detection apps that enable MSPs to deliver 24/7 threat monitoring.

Key Features

  • SIEMless log monitoring
  • Threat intelligence and hunting
  • Breach detection and intrusion monitoring
  • NextGen malware protection
  • PSA ticketing
  • Extensive RocketCyber App Store

Key Benefits

  • 24x7 continuous monitoring, with always-on threat detection in real time
  • RocketCyber is the developer of all technologies leveraged in our default SOC Platform configuration
  • SOC powered by the RocketCyber Cloud Platform requiring no hardware

The service is comprised of an elite team of security veterans and experts who proactively hunt and investigate threat activity across your base of managed small-business customers. RocketCyber performs the triage of detections and works with you on the remediation when an actionable threat is discovered. Billing is done per device, with a device defined as any of the following types that communicate with the RocketCyber Managed SOC during the monthly billing period:

  • Windows OS device running Windows 7, 8, or 10
  • Windows Server OS device running Windows Server 2008R2, or Windows Server 2012, 2016, or 2018.
  • macOS device running macOS 10.14 or higher
  • Firewalls from Barracuda, Cisco Meraki, Fortinet, pfSense, SonicWall, Sophos, WatchGuard, Ubiquiti, and Untangle

The Managed SOC service enables you to instantly grow your security stack and augment your existing staff by partnering with the RocketCyber dedicated SOC team. Stay one step ahead of attackers by tapping into the expertise of veterans who've been at the forefront of investigating global threats such as Code Red Worm (2001), Slammer (2003), Stuxnet (2010), Cryptolocker trojan (2013) and the Bluekeep exploit (2019).

RocketCyber Managed SOC requires no long-term commitments and helps MSPs save time and money through a service that can be fully operational and deployed within a few minutes.

MSPs can leverage SIEMless Log Monitoring to monitor, search, alert, and report on the three attack pillars, with log data spanning Windows and macOS security events, firewall and network device events, and Office 365 and Azure AD cloud events.

RocketCyber Threat Intelligence and Hunting delivers real-time threat intelligence monitoring and premium intel feeds from security partners to provide MSPs with a global repository of threat indicators. The Managed SOC offers Breach Detection to identify adversaries that evade traditional cyber defenses such as firewalls and AV. It identifies attacker TTPs and aligns with MITRE ATT&CK to produce a forensic timeline of chronological events to deter the intruder before a breach occurs.

Intrusion Monitoring offers real-time monitoring of malicious and suspicious activity, identifying indicators such as connections to terrorist nations, unauthorized TCP/UDP services, and backdoor connections to C2 servers. For NextGen Malware, MSPs can use their own malware prevention or leverage the RocketCyber command and control app for Microsoft Defender, backed up with a secondary line of defense using RocketCyber malicious detection of files, tools, processes and more. RocketCyber SOC analysts investigate each alert, triage the data, and produce a ticket in your preferred PSA tool, accompanied by the remedy details, so you can focus on your operations without having to depend on internal security engineers.

RocketCyber App Store

The extensive RocketCyber App Store features threat detection integrations that provide solutions for a wide range of cybersecurity use cases. Each use case facilitates cyber monitoring opportunities for MSPs. Partners only need to log into their accounts to turn on preferred RocketApps, with no separate installation required. Each app is purpose-built to detect malicious or suspicious activity spanning the endpoint, network and cloud attack pillars. When threats are detected, RocketCyber provides the MSP with operator reporting, a triage view, and the ability to receive incident tickets in the preferred PSA tool.

RocketCyber Managed SOC integrates with several Pax8 security vendors, with apps that report threat detections and deliver the results to the RocketCyber SOC Platform. The apps include IRONSCALES Email Security Analyzer, Bitdefender Monitor, Webroot Monitor, and SentinelOne Monitor. The RocketCyber App Store also includes key apps for strengthening the overall security of Microsoft solutions:

  • Office 365 Log Monitor: Multi-tenant event log monitor for all accounts linked to Microsoft Office 365 providing visibility into users, groups, Azure Active Directory activity and more.
  • Office 365 Log Analyzer: Detects successful and unsuccessful logins from outside the expected countries and from known malicious IP addresses and adversaries, exposing unauthorized authentication activity.
  • Office 365 Secure Score: Overall description of cloud security posture with itemized remediation plans across all Office 365 tenants.
