What Are the Qualities of a Good SOC Service Provider?
30 July 2021SafeAeon Inc.
Finding the right SOC provider or MSSP for your organization is a daunting task. Striking the right balance of maximizing ROI from your investment while achieving effective real-time proactive threat protection for your organization may seem impossible- Several key parameters should be explored:
Are they providing SIEM as part of the service? If yes, which product?
SIEM is a base platform on which a SOC is built. Choosing the right SIEM product is the most critical decision on the road to building an effective SOC.
Does the SOC service provider lock you into annual contracts with stiff cancellation penalties?
This should put you on high alert. A quality SOC service provider should rely on delivering a high-quality service rather than relying on forced lock-in contracts.
Are there any hidden costs such as SIEM Management cost, cloud hosting cost, etc.?
Beware of hidden costs in any SOC provider quotes. Read the fine print. Any quality provider will clearly define the end to end cost of their service.
Understand the Onboarding and Transition cost breakdown.
Often, there are considerable costs associated with onboarding and transition. In most cases, this is actually in addition to ongoing SOC service costs. Be aware of and discuss those costs beforehand.
Will the SOC service provider allow customer access to the SIEM console?
Access to the SIEM console will enable you to search raw logs for troubleshooting purposes and give you visibility pan enterprise from a single pane of glass for any particular operational team needs.
SIEM console access should be a requirement clearly defined with your outsourced SOC service provider. We have seen countless examples in our experience where SOC service providers are either unwilling or unable to provision simple read-only access to SIEM console for their customers
Can the SOC service provider integrate their solution stack with your Ticketing System?
Is this provided as part of the service, or is there an add-on cost?
Is the SOC service provider using a SOAR platform for Incident Case Management and Automation?
If yes, which vendor solution are they using? Is there an added cost associated with SOAR? How much?
An essential pillar for an efficient SOC solution is the incident management solution and associated workflow processes. The selection of the SOAR platform in the backend dictates the efficiency of a SOC.
Is the SOC service provider charging for Cloud Hosting costs?
How much? Is hosting onsite in your datacenter an available option? Where is the data being hosted? Who has access to the information? What are the internal data policies of the vendor? These are some of the questions you need to ask and have defined in your service agreement with your SOC service provider.
Is the SOC service provider adequately insured with cybercrime insurance protection?
What level of SLA’s are included as part of the service?
Is the SOC service provider charging extra for 30-min “Critical and High” SLA’s? Alerting on these events and communicating in a timely fashion is mission-critical to your business.
Be wary of SOC service providers with loosely stated SLO’s (Service Level Objectives), which only serve to benefit the providers by allowing them to deliver less than stellar service to the customer.
If you have deployed a SIEM solution, ensure the chosen SOC service provider has expertise in your deployed product.
These are just a few of the qualifying questions to ask while deciding to choose which particular SOC provider you will entrust to provide effective real-time proactive threat protection for your organization.
You may be thinking that finding one provider that can deliver on all of the parameters above would be impossible. We’re pleased to inform you, that not only can we deliver on all of the services outlined above, but we do so, day and day out, at industry-leading prices!
SafeAeon SOC-as-a-Service is designed from ground up as a lean operation focusing on delivering Turnkey SOC services to its customers at the most aggressive SOC prices while keeping the service experience at the level expected of the best SOC provider vendors.
As part of the SafeAeon service offering, a competitively (industry-leading) priced fixed-monthly fee is charged to cover all licensing-costs, management, and 24×7 monitoring cloud-deployed software and SOC service components of the proposed solution (On-prem option available).
The deep product discounts that we enjoy are a result of the volume of business we transact and our deep relationship with product OEM vendors.
Here are the service highlights of SafeAeon Premium SOC-as-a-Service:-
- $0 Onboarding & Transition (current and future growth)
- IBM QRadar SIEM (#1 ranked SIEM as per Gartner 2020 report)
- IBM Resilient SOAR (top-ranked SOAR as per Gartner 2020 report)
- Hosting Cost included
- 30-Min GOLD SLA
- Ticketing System Integration – complimentary
- Unlimited Custom Use Cases – complimentary
- 1 Year log retention
- Multi-tenancy support
- Fixed-fee monthly billing
- Dedicated 1-800 number and SOC Delivery Manager
- All-inclusive Approach