Unlike traditional approaches, this solution brings the benefits of an MSSP coupled with the knowledge and control of leveraging your own security monitoring frameworks and technologies. Whether your SIEM is on premises or in the cloud, ThetaPoint can help you bridge the skills gap and optimize your Security Operations Center investments for measurable outcomes.
Historically, organizations have approached the problem of security monitoring and incident response in one of two ways: outsource the function to a Managed Security Services Provider (MSSP), or build, operate and maintain their own SOC. In a 2020 Ponemon study (figure below), 58% rate traditional MSSPs as ineffective and 63% are seeking to bring the SOC in-house or move to another vendor. ThetaPoint’s Hybrid SOC solution bridges the best of traditional MSSPs with the business value of an in-house SOC. It allows organizations to derive more value from their security operations investment, with predictable and repeatable outcomes that align with their business goals and objectives.
73% view their SOC as crucial to their security strategy but...
The cyber security staffing shortage is making an in-house SOC difficult to operate
Traditional MSSPs are missing the mark with a one-size-fits-all model
The Hybrid SOC model sits between the traditional MSSP model and a full 7x24x365 in-house SOC.
You get the benefits of shared resource utilization across a larger client base, with the security engineering expertise required to fully leverage your SIEM investments. As you can see below, functions of each are rolled into the Hybrid SOC offering that leverages ThetaPoint’s Co-Managed SIEM service (Operations & Maintenance). And of course, all of this can be custom tailored to your specific needs and requirements.
Owns and Maintains Technology Stack
24×7 Security Monitoring (T1-2)
Endpoint Detection & Response
Threat Intelligence
Threat Hunting
Vulnerability Assessment & Monitoring
Attack Simulation / Pen-testing
Co-Managed SIEM +
24×7 Security Monitoring (T1-2)
Custom Runbooks for each Client Use Case
Endpoint Detection & Response
Threat Intelligence
Threat Hunting
Vulnerability Assessment & Monitoring
Attack Simulation / Pen-testing
Operate and Maintain Client SIEM
24×7 Health Monitoring
Custom Use Case Development
Modeling of Client Environment
Experts on Demand for SIEM
Client owns data and software
SIEM in client datacenter or cloud
Client operates and maintains SIEM
Client defines all security use cases
Client provides Tier 1 & 2 Security Analytics
Client provides Threat Hunting
Client provides Tier 3 Incident Response
The ThetaPoint Hybrid SOC Monitoring and Response solution delivers tremendous value for enterprises of all sizes and industries who wish to leverage their SIEM and Log Management investments, but do not have the resources available to provide consistent 7x24x365 monitoring of their environment. Our Hybrid SOC clients have the confidence that when they receive an alert that has been triaged by our team, it carries business context, relevance, and most importantly actionable intelligence to execute against. Whereas a traditional MSSP's value declines over time and with increased investment, ThetaPoint’s Hybrid SOC solution continues to drive incremental value as business needs grow, and adapts to the emerging threat landscape (see below).
MSSP Value – Immediate value with minimal costs, leveraging a one-size-fits-all framework across multiple clients. Value tends to decrease over time as clients' needs mature.
Hybrid SOC Value – Immediate value derived from ThetaPoint SecOps expertise managing client-owned technologies, which improves as client needs mature.
In House SOC Value – Long-term value realized once SOC can fully fund all necessary People, Processes, and Technologies.
ThetaPoint’s Security Operations Center (SOC) Optimization Service leverages our expertise in security administration, monitoring, incident response, architecture and operations.
ThetaPoint’s Operations & Maintenance (O&M) Managed Service removes the complexity of managing your security tools so you can focus on achieving organizational security goals.
ThetaPoint’s Hybrid SOC solution provides 7×24 Security monitoring and response of your Co-Managed SIEM.