Stage 2 Security (S2) found it more reasonable to obtain scalable Detection as Code content from SOC Prime than to fully manage security content development in-house. This enabled the company to essentially reduce the number of dedicated Cyber Threat Intelligence and research specialists and focus more on Incident Response, Threat Hunting, Penetration Testing, and Content customization to meet customer needs.
Because Threat Detection Marketplace is a cloud-based Software as a Service (SaaS) offering, implementation effort is minimal: the company’s in-house SOC Team only needs to configure the profiles for each client. The global SOC content library makes it possible to cover organization-specific threats and to keep SIEMs continuously updated on the latest detection and response scenarios. The magellan SOC Team can now search for detections much faster and more efficiently, leveraging curated content written by SOC Prime’s Content Team and Threat Bounty Program developers.
To extend its existing scalable and innovative log management based on Elasticsearch with SIEM functionality and detection mechanisms, evoila GmbH was looking for a suitable cybersecurity vendor. The company quickly came across SOC Prime, which was a perfect fit for its industry-specific needs. Access to the curated and verified content enabled evoila to map the most up-to-date attack vectors directly to the company’s service. With SOC Prime, evoila enhanced its Managed Security Services, significantly reducing MTTD.
SOC Prime has helped the European industry-leading Managed Security Services Provider (MSSP) enhance its SOC, enabling the delivery of high-quality security operations to the company’s customers in the areas of Log Management, Security Monitoring, Technical Compliance Monitoring, and Security Analytics. With SOC Prime, the company has been able to keep constant track of its customers' vulnerabilities and SIEM issues via real-time dashboards and to assess log quality. By automating the majority of administrative tasks, the European MSSP has reduced downtime, errors, and false positives generated by the SIEM in use and saved time on threat detection and incident prevention.