ThetaPoint’s Hybrid SOC

ThetaPoint’s Hybrid SOC solution provides 7×24 Security monitoring and response of your Co-Managed SIEM.

Unlike traditional approaches, this solution brings the benefits of an MSSP coupled with the knowledge and control of leveraging your own security monitoring frameworks and technologies. Whether your SIEM is on premises or in the cloud, ThetaPoint can help you bridge the skills gap and optimize your Security Operations Center investments for measurable outcomes.

For more information on ThetaPoint’s Hybrid SOC Solution, please contact us.

The Problem: Traditional Approaches No Longer Work

Historically, organizations have approached the problem of security monitoring and incident response in one of two ways: outsource the function to a Managed Security Services Provider (MSSP), or build, operate and maintain their own SOC. In a 2020 Ponemon Study (figure below), 58% rate traditional MSSPs as ineffective and 63% are seeking to bring the SOC in-house or move to another vendor. ThetaPoint’s Hybrid SOC solution bridges the best of traditional MSSPs with the business value of an in-house SOC. It allows organizations to derive more value from their security operations investment, with predictable and repeatable outcomes that are in alignment with their business goals and objectives.

73% view their SOC as crucial to their security strategy but...

  • 49% are dissatisfied with their SOC but cannot acquire enough labor talent to enhance their SecOps
  • 58% report that their MSSP is ineffective

Cyber Security Staffing shortage is making In-House SOC difficult to operate

  • An estimated 3.5 million cybersecurity jobs will be available but unfilled by 2021, according to predictions from Cybersecurity Ventures and other experts.
  • Very Labor Intensive and Expensive
  • $2.8M Annual Cost – 1/2 the cost is labor
  • High Attrition and Training – 1 yr. productivity and 7 mos. to hire and train
  • High Turnover – 70% agree SOC analysts burn out fast

Traditional MSSPs are missing the mark with One Size fits All Model

  • $4.5M Annual Cost – 2x the cost of in-house
  • Low Satisfaction – 58% rate Traditional MSSPs ineffective (Race to bottom)
  • Seeking Alternatives – 63% will bring SOC in-house or move to another vendor

The Solution: An Innovative Hybrid SOC

The Hybrid SOC model sits between the traditional MSSP model and organizations that run a full 7x24x365 in-house SOC.

Hybrid SOC Overview

You get the benefits of shared resource utilization across a larger client base, with the security engineering expertise required to fully leverage your SIEM investments. As you can see below, functions of each are rolled into the Hybrid SOC offering that leverages ThetaPoint’s Co-Managed SIEM service (Operations & Maintenance). And of course, all of this can be custom tailored to your specific needs and requirements.

Traditional MSSP

  • Owns and Maintains Technology Stack
  • 24×7 Security Monitoring (T1-2)
  • Endpoint Detection & Response
  • Threat Intelligence
  • Threat Hunting
  • Vulnerability Assessment & Monitoring
  • Attack Simulation / Pen-testing

Hybrid SOC

  • Co-Managed SIEM +
  • 24×7 Security Monitoring (T1-2)
  • Custom Runbooks for each Client Use Case
  • Endpoint Detection & Response
  • Threat Intelligence
  • Threat Hunting
  • Vulnerability Assessment & Monitoring
  • Attack Simulation / Pen-testing
  • Operate and Maintain Client SIEM
  • 24×7 Health Monitoring
  • Custom Use Case Development
  • Modeling of Client Environment
  • Experts on Demand for SIEM

In-House SOC

  • Client owns data and software
  • SIEM in client datacenter or cloud
  • Client operates and maintains SIEM
  • Client defines all security use cases
  • Client provides Tier 1 & 2 Security Analytics
  • Client provides Threat Hunting
  • Client provides Tier 3 Incident Response

Hybrid SOC Value Realization

The ThetaPoint Hybrid SOC Monitoring and Response solution delivers tremendous value for enterprises of all sizes and industries who wish to leverage their SIEM and Log Management investments, but do not have the resources available to provide consistent 7x24x365 monitoring of their environment. Our Hybrid SOC clients have the confidence that when they receive an alert that has been triaged by our team, there is business context, relevance, and most importantly actionable intelligence from which to execute. Whereas a traditional MSSP’s value declines over time and with increased investment, ThetaPoint’s Hybrid SOC solution continues to drive incremental value as business needs grow and adapts to the emerging threat landscape (see below).

MSSP Value – Immediate value with minimal costs leveraging a one-size-fits-all framework across multiple clients. Value tends to decrease over time as client needs mature.

Hybrid SOC Value – Immediate value derived from ThetaPoint SecOps expertise managing client-owned technologies, which improves as client needs mature.

In-House SOC Value – Long-term value realized once the SOC can fully fund all necessary People, Processes, and Technologies.

Hybrid SOC Value

1. SOC Optimization

ThetaPoint’s Security Operations Center (SOC) Optimization Service leverages our expertise in security administration, monitoring, incident response, architecture and operations.

  • People & Process Gap Analysis
  • TTP / Workflows for Automation
  • Use Case Workshop
  • Technical Architecture for MSSP integration (SRA)
  • Outsourcing Strategy for MSSP

2. Co-Managed SIEM

ThetaPoint’s Operations & Maintenance (O&M) Managed Service removes the complexity of managing your security tools so you can focus on achieving organizational security goals.

  • Operate and Maintain Client SIEM
  • 24×7 Health Monitoring with Break / Fix
  • Custom Use Case Development
  • Modeling of Client Environment
  • Experts on Demand for SIEM

3. Hybrid SOC

ThetaPoint’s Hybrid SOC solution provides 7×24 Security monitoring and response of your Co-Managed SIEM.

  • Maintain ownership and control over your data and SIEM
  • 7x24x365 Security Monitoring and Response
  • MITRE ATT&CK framework for analyzing custom TTPs
  • Business context modeling and monitoring with your SIEM
  • Custom Runbooks for each Client Use Case
