ThetaPoint’s Hybrid SOC
ThetaPoint’s Hybrid SOC solution provides 7×24 Security monitoring and response of your Co-Managed SIEM.
Unlike traditional approaches, this solution brings the benefits of an MSSP coupled with the knowledge and control of leveraging your own security monitoring frameworks and technologies. Whether your SIEM is on premise or in the cloud, ThetaPoint can help you bridge the skills gap shortage and optimize your Security Operations Centers investments for measurable outcomes.
For more information on ThetaPoint’s Hybrid SOC Solution, please contact us.
The Problem: Traditional Approaches No Longer Work
Historically, organizations have approached the problem of security monitoring and incident response in one of two ways, outsource the function to a Managed Security Services Provider (MSSP) or build, operate and maintain their own SOC. In a 2020 Ponemon Study (figure below) 58% rate traditional MSSPs as ineffective and 63% are seeking to bring the SOC in-house or move to another vendor. ThetaPoint’s Hybrid SOC solution bridges the best of traditional MSSPs with the business value of an in-house SOC. ThetaPoint’s Hybrid SOC solution allows organizations to derive more value from their security operations investment with predictable and repeatable outcomes that are in alignment with their business goals and objectives.
73% view their SOC as crucial to their security strategy but...
- 49% are dissatisfied with their SOC but can not acquire enough labor talent to enhance their SecOps
- 58% report that their MSSP is ineffective
Cyber Security Staffing shortage is making In-House SOC difficult to operate
- An estimated 3.5 million cybersecurity jobs will be available but unfilled by 2021, according to predictions from Cybersecurity Ventures and other experts.
- Very Labor Intensive and Expensive
- $2.8M Annual Cost – 1/2 the cost is labor
- High Attrition and Training – 1 yr. productivity and 7 mos. to hire and train
- High Turnover – 70% agree SOC analyst burn out fast
Traditional MSSPs are missing the mark with One Size fits All Model
- $4.5M Annual Cost – 2x the cost of in-house
- Low Satisfaction – 58% rate Traditional MSSPs ineffective (Race to bottom)
- Seeking Alternatives – 63% will bring SOC in-house or move to another vendor
The Solution: An Innovative Hybrid SOC
The Hybrid SOC model sits nicely in between the traditional MSSP model and those organizations that run a full 7x24x365 in house SOC.
You get the benefits of shared resource utilization across a larger client base, with the security engineering expertise required to fully leverage your SIEM investments. As you can see below, functions of each are rolled into the Hybrid SOC offering that leverages ThetaPoint’s Co-Managed SIEM service (Operations & Maintenance). And of course, all of this can be custom tailored to your specific needs and requirements.
Traditional MSSP
Owns and Maintains Technology Stack
24×7 Security Monitoring (T1-2)
Endpoint Detection & Response
Threat Intelligence
Threat Hunting
Vulnerability Assessment & Monitoring
Attack Simulation / Pen-testing
Hybrid SOC
Co-Managed SIEM +
24×7 Security Monitoring (T1-2)
Custom Runbooks for each Client Use Case
Endpoint Detection & Response
Threat Intelligence
Threat Hunting
Vulnerability Assessment & Monitoring
Attack Simulation / Pen-testing
Operate and Maintain Client SIEM
24×7 Health Monitoring
Custom Use Case Development
Modeling of Client Environment
Experts on Demand for SIEM
In-House SOC
Client owns data and software
SIEM in client datacenter or cloud
Client operates and maintains SIEM
Client defines all security use cases
Client provides Tier 1 & 2 Security Analytics
Client provides Threat Hunting
Client provides Tier 3 Incident Response
Hybrid SOC Value Realization
The ThetaPoint Hybrid SOC Monitoring and Response solution delivers tremendous value for enterprises of all sizes and industries who wish to leverage their SIEM and Log Management investments, but do not have the resources available to provide consistent 7x24x365 monitoring of their environment. Our Hybrid SOC clients have the confidence that when they receive an alert that has been triaged by our team, that there is business context, relevance, and most importantly actionable intelligence from which to execute against. Whereas Traditional MSSPs value declines over time and increased investment, ThetaPoint’s Hybrid SOC solution continue to drive incremental value as business needs grown and adapts to the emerging threat landscape (see below).
MSSP Value – Immediate value with minimal costs leveraging one size fits all framework across multiple clients. Value tends to decrease over time as clients needs mature.
Hybrid SOC Value – Immediate value derived from ThetaPoint SecOps expertise managing client owned technologies which improves as client needs mature.
In House SOC Value – Long-term value realized once SOC can fully fund all necessary People, Processes, and Technologies.
1. SOC Optimization
ThetaPoint’s Security Operations Center (SOC) Optimization Service leverages our expertise in security administration, monitoring, incident response, architecture and operations.
- People & Process Gap Analysis
- TTP / Workflows for Automation
- Use Case Workshop
- Technical Architecture for MSSP integration (SRA)
- Outsourcing Strategy for MSSP
2. Co-Managed SIEM
ThetaPoint’s Operations & Maintenance (O&M) Managed Service removes the complexity of managing your security tools so you can focus on achieving organizational security goals.
- Operate and Maintain Client SIEM
- 24×7 Health Monitoring with Break / Fix
- Custom Use Case Development
- Modeling of Client Environment
- Experts on Demand for SIEM
3. Hybrid SOC
ThetaPoint’s Hybrid SOC solution provides 7×24 Security monitoring and response of your Co-Managed SIEM.
- Maintain ownership and control over your data and SIEM
- 7x24x365 Security Monitoring and Response
- MITRE ATT&CK framework for analyzing custom TTPs
- Business context modeling and monitoring with your SIEM
- Custom Runbooks for each Client Use Case
For more information on ThetaPoint’s Hybrid SOC Solution, please contact us.