Incident Response Planning: Preparing for the Unexpected
Threat Detection and Response:
Focus on your core operations while still having peace of mind that your systems are secure.
Our team of experts monitors your systems 24/7, providing you with timely alerts and notifications in case of any security incidents. We investigate any potential threats, respond to security incidents, and help you develop proactive security strategies.
Vulnerability Assessments:
Save time and resources while still ensuring that your systems are secure.
Our team performs regular vulnerability assessments to identify any weaknesses in your systems and provide you with recommendations to address them.
Compliance Management:
Ensure you're meeting the necessary standards without diverting resources from your core operations.
We help businesses comply with industry regulations and standards, such as HIPAA, PCI DSS, and GDPR, by ensuring that your security systems meet the required standards.
Incident Response Planning:
Ensure that you're prepared for any security incidents without needing special technical expertise to develop effective response strategies.
We help businesses develop incident response plans to ensure that they are prepared in case of a security incident.
Security Consulting:
Benefit from the expertise of security professionals without the need to hire full-time staff.
Our team provides businesses with security consulting services, helping you develop proactive security strategies that are tailored to your specific needs.
The Cost of Doing It Yourself:
- Annual Personnel: 5 x $69,000
- Annual Process/Operational Costs: $22,000
- Annual Technology Costs: $115,000
- Total First-Year Cost: $1 Million
- Total Annual Recurring Costs: $1 Million
In addition to the investment in people, a SOC environment requires a substantial investment in monitoring, scanning, and forensic software and hardware, which carry not only significant initial costs but also ongoing maintenance and licensing expenses.

MANAGED SERVICES / INCIDENT RESPONSE
1. Silver
- Cloud or customer-managed SIEM
- Emagined Security monitors and tunes the customer’s SIEM implementation
- Silver requires customers to use cloud offerings or maintain the SIEM solution internally
- General maintenance, updates, and tuning
- Correlation rules and content as they apply to global client environments
- Data / incident correlation
- Configuration of alert / event forwarding to Emagined’s federation server
- Alert email generation
- Incident prioritization
- Incident escalation
- Status briefing quarterly
2. Gold
- Cloud or on-premises SIEM
- Includes Silver
- Enablement and optimization of rules specific to a customer instance or use case that are native to the SIEM technology
- Real-time Microsoft Teams alerting
- Incident Response Level 1 (Incident Triage)
- Portal access limited to 1-3 customer personnel
- Status briefings monthly
3. Platinum
- Typically purchased as a monthly threat-hunting upgrade
- Includes Gold & Silver
- Portal access is limited to 3-5 customer personnel
- Status briefing twice monthly
- Proactive threat analysis & detection: Emagined provides threat intelligence services to help identify potential attacks and issues that may be identifiable in advance, as well as to research issues
- Threat Hunting: Emagined will perform proactive hunting on customer infrastructure for any indicators of potential compromise
Service Level | Platinum | Gold | Silver |
---|---|---|---|
Brief Description | Proactive Level | Enhanced Level | Basic Level |
All Log Data Stays on Client’s Assets / Cloud Infrastructure | √ | √ | √ |
Data Storage on Cloud | Optional | Optional | √ |
Only Alert Data Sent to Emagined Security Premises | √ | √ | √ |
Real Time and Transparent Communication for All Alerts and Critical Events | √ (Teams) | √ (Teams) | Critical Events (Mail) |
Monthly Status Briefing | 2 (Twice Monthly) | Monthly | Quarterly |
Incident Response Retainers (On-Demand Level) | Optional (Price Reduced) | Optional | - |
Customer Portal Access | 3-5 Personnel | 1-3 Personnel | - |
Infrastructure Maintenance | | | |
Basic Maintenance of the SIEM Environment, Including: | | | |
Full Release Updates | Cloud Only | Cloud Only | Cloud Only |
Monitoring for Devices Which Stop Reporting | √ | √ | - |
Enhanced SIEM Maintenance | | | |
Upgrades, Log Failure Alerts, etc. | √ | - | - |
Security Engineering Onboarding / Enhancements | | | |
Standard / Supported Log Source | 10 Per Year | 10 Per Year | 10 Per Year |
Non-Standard / Unsupported Log Source | 2 Per Year | 2 Per Year | - |
Content & Architecture Development | Max Hours Contract Based or T&M | | |
Call Tree Development | √ | √ | √ |
Requirements Gathering Sessions | √ | √ | √ |
SIEM Tool Installation | √ | √ | - |
Custom Rules Development Not Native to SIEM | √ | √ | √ |
Custom Dashboards | √ | √ | - |
Critical Event Ticket Management | √ | √ | √ |
Service Mappings to Customer Processes | √ | √ | √ |
Security Monitoring | | | |
Data Incident Correlation | √ | √ | √ |
Security Log Collection | √ | √ | √ |
Global Correlation Rules / Content Creations & Maintenance | √ | √ | √ |
Log Analysis | √ | √ | √ |
Incident Response Level 1 (Incident Triage) | √ | √ | - |
Alert Email Generations | √ | √ | √ |
Incident Prioritization | √ | √ | √ |
Incident Escalation | √ | √ | √ |
Advanced Monitoring | | | |
Customer Specific Rules / Content Creations & Maintenance | √ | √ | - |
Rogue Device Detection | √ | √ | - |
Suspicious User Detection | √ | √ | - |
Typo Squatting (Homoglyph) Detection | √ | √ | - |
Suspicious VPN Monitoring | √ | √ | - |
Observable Indicators of Compromise | √ | √ | - |
Insider Threat Detection | √ | √ | - |
Suspicious User Agent Detection | √ | √ | - |
Real-Time Collaboration | √ | √ | - |
Proactive Threat Analytics | | | |
Proactive Threat Analysis & Detection | √ | - | - |
Custom Organizational Alerting Policies | √ | - | - |
Threat Hunting | √ | Optional: 1 Month Upgrade | Optional: 1 Month Upgrade |