What managed security services do you provide?
CyberLens' core managed service is our managed security operations centre (“SOC”) which can ingest signals from any compatible security technology via API.
In addition, we offer full configuration, management and alert triage services for the following security technologies:
- Microsoft 365 Security Stack
- Microsoft Azure (Utilising Azure Sentinel and Azure Identity Protection)
- Security Information and Event Management (SIEM)
- Endpoint Detection and Response
- Phishing Defence
- Cloud Access Security (CASB)
We also build penetration testing, basic phishing defences, cybersquatting defences in to our managed SOC solution, and integrate with multiple threat intelligence feeds.
What threat intelligence feeds do you integrate with for managed security operations?
We can integrate with any threat intelligence feed for which there is a suitable REST or SOAP based API, however “out of the box” we integrate with VirusTotal, AbuseIPDB, and Spamhaus.
What is the minimum contract term for your managed security services?
All customers are free to cancel their contract with 3 calendar months’ notice. We like to earn the right to work with you on an ongoing basis.
What is a typical on-boarding period for managed security customers?
The answer very much depends on the number of integrations we need to build and the size of the environment you are asking us to protect, however we would a minimum of 1 month to achieve an initial level of business as usual operations.
Is there a charge to build new integrations with technologies that CyberLens has not integrated with before?
No, this service is free of charge, and forms part of our “proof of concept” service.
Can you offer a dedicated SOC instance (i.e. where all our data resides in a dedicated instance of the software used by CyberLens for security operations)?
Yes, we can offer customers a dedicated CyberLens instance. Additional fees apply.
What happens to our security operations data and capability if we stop working with you?
The way that we have designed our service means that the majority of source data (alerts and other information) stays within the source platform, whether this be your SIEM, EDR solution or other security technology. Where we have licensed a platform to you through a CyberLens managed service, we will help you move to a direct relationship with the vendor so that you have access to it going forwards.
We can also integrate with service management platforms to record incident related information within your own service-desk tickets.
Should more be required then optionally, as part of our off-boarding procedure, we can provide you with a copy of any data, integrations and automations related to your business, present within the Cyberlens platform. We deliver this in a proprietary format that you can import in to a licensed instance of the CyberLens platform software for your ongoing use and which must be up and running in order to receive the data.
Do you offer Penetration Testing as a service?
Yes, this is something we can offer, please get in touch to discuss your requirements further.
Are your testing staff accredited?
Whilst we recognise that customers value benchmark accreditations and certifications such as those offered by CREST, CHECK and EC-Council, not all of our testing team members focus on these for their career development, instead opting to let their experience do the talking. Talk to us and you will see what we mean.
Do you offer CISO as a service?
Yes we can offer a CISO as a service package, please contact us to discuss your requirements further.
What security vendors do you work with to help companies implement technology-based controls?
Any. The message we want to convey here is around what customers are buying when working with CyberLens professional services. Customers are investing in:
- Our understanding of the security technology landscape, including the more niche solutions available
- Significant skills and experience in the field of traditional IT infrastructure
- Project and change management skills
- A successful outcome
Whilst we may have skills and experience in one vendor’s technology over another, this is not what customers are investing in; it is instead a “side benefit”, should they opt to work with that vendor’s technology.