Managed Security Services

Because digital and electronic networks are by their nature always “on”, monitoring potential cyber threats to these networks, systems and the assets linked to them is a 24/7 assignment.

In response, some organisations have implemented their own 24 hour, automated software-led or human-led cyber surveillance systems. These Security Operations Centres (SOCs) are more effective than passive cyber security monitoring systems, and position an organisation to prepare for, and to act more quickly and more effectively against, an attack or other security incident.

A SOC also makes it more likely that an attack will be identified sooner, thereby limiting lateral movements across a network and reducing the damage.

However, this is neither optimal nor practical for many other organisations that nevertheless must mitigate these types of risks.

DarkMatter Managed Security Services provides solutions that include around-the-clock, on-premise and remote monitoring, remediation and resolution services that draw on the full scope of DarkMatter capabilities and resources.

We also provide advisory and design consulting to organisations developing their own SOC operations.

  • Managed Services

    In addition to the core SOC solutions, we offer a range of more specialised managed services, including: - Application security on demand - Advanced data protection - Insider threat protection - Governance, risk & compliance… Read more

    In addition to the core SOC solutions, we offer a range of more specialised managed services, including:

    – Application security on demand

    – Advanced data protection

    – Insider threat protection

    – Governance, risk & compliance monitoring

    Application Security on Demand

    This service provides managed application vulnerability detection in deployed applications and services, and also can test mobile apps across every major device and operating system platform. We can coordinate with your app developers to ensure the security of apps under development, since fixing an app still under development is more cost effective than doing so after it has been deployed.

    Advanced Data Protection

    This service manages data in transit, at rest, in-use and in backup. Our solutions use cloud-ready data tokenisation, encryption, masking, access controls, and monitoring from the application to the file system levels, and support a wide variety of platforms and applications.

    Solutions provide for centralised key management, hardware-based protection for root certificates, and compatibility with external and national PKI certificate authorities.

    Insider Threat Intelligence

    By tying events to users across the organisation, we identify high-risk user profiles, and provide scoring and prioritisation of suspicious behaviour. This addresses not only social-engineering driven cyber threats and other unintentional employee error, but also fraud prevention and detection.

    Governance, Risk & Compliance

    Our managed Governance, Risk and Compliance solution includes cyber security risk assessments, and audit, risk and compliance monitoring and management.

    Including this scope in your SOC solution provides assurance that you’re always in compliance with industry and national regulatory requirements and means you are continually addressing changing real-world risks. This service provides more robust results at a lower cost through the SOC’s centralised management and automation features.

  • Security Operations Centre

    DarkMatter on-premise and remote SOC solutions monitor global, regional and local threat feeds; analyse user and network behaviour on both a near real-time and historical basis. Using a combination of threat intelligence, active defense measures… Read more

    DarkMatter on-premise and remote SOC solutions monitor global, regional and local threat feeds; analyse user and network behaviour on both a near real-time and historical basis.

    Using a combination of threat intelligence, active defense measures and advanced big data analystics, our people and our software identify the “needles” of true threats from the “haystack” of flagged incidents.

    Ultimately, our ability to aggregate and fuse these data sources from inside and outside the organisation helps the SOC generate actionable intelligence for denying, degrading and disrupting the full spectrum of advanced threats.

    On-Premise SOC

    Offering the most comprehensive support, the DarkMatter on-premise SOC gives our experienced, trained and government-security cleared teams a direct view across your network. This ensures the most complete and most immediate access to what’s happening and allows the most rapid coordination and response to issues as they arise. This solution is ideal for organisations with complex and high-risk network and cyber security requirements.

    This solution is characterised by services such as:

    – Intrusion monitoring, incident analysis, investigation and response

    – Security engineering, and operations and maintenance (O&M) of security technologies

    – Full-content network traffic monitoring and analysis

    – Collaboration with cyber centres and government cyber emergency response teams (CERTs)

    – Integrated cyber threat analysis

    – Insider-threat detection, investigation and mitigation

    Remote SOC

    Delivered from DarkMatter’s state-of-the art, next-generation facility, which once fully operational will feature some of the most advanced IT and cyber security infrastructure in the region, our remote SOC service means that our expert cyber security professionals have full 24/7 visibility across your network to monitor for attacks, anomalies, malicious or suspicious activity, and other threats to your data, systems and operations.

    For organisations with their own in-house cyber security and SOC services, we can augment during business hours and/ or take over during off hours, holidays, weekends or any other period.

    When we identify suspicious activity that needs your response, we will inform you immediately and let you know what steps, if any, you need to take.

    Defining characteristics of the Remote SOC solution include:

    – Remote monitoring, remediation and resolution

    – Advanced correlation analysis

    – Monitoring of security technologies

    – Governance, risk and compliance monitoring

    – Continuous vulnerability management

    – Advanced cyber network defence services

    Hybrid Security Operations Centre

    Our Hybrid Security Operations Centre offers:

    – On-premises augmented SOC resources during core business hours leveraging your technology

    – Remote SOC resources monitoring of your technologies after core business hours, weekends, and holidays

    – Advanced Threat Intelligence Services

    – Ad hoc and scheduled managed security services including Governance, Risk, and Compliance Monitoring Services and Vulnerability Assessment Services