Security Operations Service Service Definition

 What is the Security Operations Service?

 The Security Operations Service is a cloud-hosted cyber security solution that can see your organisation's entire IT estate, all the time, enabling complete visibility and helping to identify suspicious activity, so that you have an up-to-date view of possible threats. Unlike other traditional cyber monitoring systems, the Security Operations Service combines people, process and technology to protect brand and reputation.

 There's a growing demand for an end-to-end cyber security solution, given the need to keep pace with the rising expectations for online services such as always-on, hyper connected and secure applications. To meet this expectation, organisations are investing in distributed IT estates underpinned by cloud services, but this increases the potential attack surface and data sprawl across the estate. Whilst this delivers modern applications, it does present a cyber security challenge given this model exposes organisations beyond the traditional data centre, taking them into multi-cloud, hybrid cloud and on-premise deployments.

 Utilising e2e-assure's capability in performing services such as traffic analysis, deep packet inspection, Intrusion Detection Systems, vulnerability scanning and blacklist monitoring of the assets that matter to you, together with highly skilled Security Operations Centre (SOC) personnel and UKCloud's highly connected, highly secure cloud platform, we deliver a SOC that can see your entire IT estate and is always available.

 What the service can help you achieve

  Provides an end-to-end cyber security capability, continual cyber defence with alerts and incident response. Identify threats before they become incidents.

  Integrates with existing toolsets to ensure that you're getting best value from your existing cyber investments.

  Provides process support for your SOC with a variety of support options available, from online training and helpdesk to managed SOC functions.

  Monitors your workloads at OFFICIAL, OFFICIAL-SENSITIVE and above OFFICIAL classifications.

  Simplifies the management of the increasing attack surface of your cyber security environment by providing a consistent security management service for all your workloads.

  Improves the level of cyber capability / skills within your own organisation with tailored support options.

  Take control of your own security operation monitoring or have events proactively triaged by highly trained remote SOC analysts, reducing resource requirements for a growing threat landscape.

 Product options

 The service is designed to be flexible and allows you to choose from the options below to match your requirements.

 Service tier: Premium / Plus SOC as a Service (including Platform Only and Enhanced capabilities)
 Description: A complete cyber solution including:
   Professional Services - discovery through to delivery and management (priced separately, see Professional Services Service Definition)
   Identify root causes providing deeper remediation support as required
   Automated Cyber Defence Remediation as agreed
   Remote portal, dashboard and case management tools
   Expert SOC analysts, includes event and incident reporting, security processes management
   Forensic investigation and malware analysis

 Service tier: Enhanced SOC as a Service (including Platform Only capabilities)
 Description:
   Alerts triaged by highly trained analysts to mitigate risks
   Asset Management and Threat Model
   Runbook support and development
   Remediation support to reduce recurrence of threats
   Portal access for reports and dashboards including monthly reviews
   In-house security teams supported by highly trained SOC analysts

 Service tier: Platform Only – Basic SOC
 Description:
   Cumulo protective monitoring dashboard
   Collect events, logs and other threat intelligence continuously
   High priority alerts within 15 minutes of detection
   Generates alerts on a 24/7 basis
   SOC triage and filtering of noise gives clear warnings and helps trigger timely responses
   You choose to create notifications via email
   Enable your in-house security operation team to investigate events and threats

 Pricing and packaging

 Security Operations Service pricing can be as low as £1.96 per asset per month. Full pricing with all options is available in the UKCloud Pricing Guide. Customers will also need to purchase the appropriate UKCloud infrastructure to host the Security Operations Service solution.

 Accreditation and information assurance

 The security of our platform is our number one priority. We've always been committed to adhering to exacting standards, frameworks and best practice. Everything we do is subject to regular independent validation by government accreditors, sector auditors and management system assessors. Details are available on the UKCloud website.

 Connectivity options

 UKCloud provides one of the best-connected cloud platforms for the UK Public Sector. We enable access to our secure platform by DDoS-protected internet, PSN, Janet, HSCN, RLI and your own leased lines via our HybridConnect or CrownConnect services. The full range of flexible connectivity options is detailed in the UKCloud Pricing Guide.

 An SLA you can trust

 We understand that enterprise workloads need a dependable service that underpins the reliability of the application to users and other systems, which is why we offer one of the best SLAs on G-Cloud. As the SLA varies based on the chosen cloud technology, you can find full details on each service's SLA, including measurements and service credits, in the SLA definition.

 The small print

 For full terms and conditions including onboarding and responsibilities, refer to the Terms and conditions documents.

 Why UKCloud?

 UKCloud is dedicated to the digital transformation of our nation's public services through our flexible, secure and cost-effective multi-cloud platform and the expertise of our people and partners. We believe that diversity of technology drives value and innovation and so we bring together different cloud technologies, with different deployment models spanning on-premises (private cloud), on-campus (Government's Crown Campus) and off-campus global public cloud services. This enables you to choose the right cloud for creating new workloads or migrating or replacing existing applications to the cloud with specialist SaaS solutions.

 

 We recognise the importance of public services to UK citizens and businesses, which is why we include the highest level of support to all our customers at no extra cost. This includes dedicated 24/7 UK support, a Network Operations Centre (NOC), utilising protective and proactive monitoring tools, and access to UKCloud's experts. UKCloud can also provide outcome-based professional services or managed services to help you with digital transformation.

 Feedback

 If you find a problem with this article, click Improve this Doc to make the change yourself or raise an issue in GitHub. If you have an idea for how we could improve any of our services, send an email to [email protected].

 © UKCloud Ltd, 2022. All Rights Reserved.