SOC as a Service
Gotham’s SOC as a Service offering includes a bundle of tools, people and services to effectively monitor and manage threats to your environment. The bundle includes:
- Managed threat detection and response, with proactive threat hunting.
- Behavioral analytics and machine learning SIEM platform
- Unlimited log collection and storage
- Vulnerability corrective services provided by Gotham's InfoSec Team
- Monthly security risk rating and reporting, powered by SecurityScorecard with Gotham corrective recommendations
- Per-incident and monthly/quarterly reporting/trending analysis and recommendations.
|
Security as a Service
Many organizations struggle to maintain a healthy and rigorous Cybersecurity program for a number of reasons, chief among them the lack of available resources to manage the many layers of technology involved in today’s security stacks. Small and mid-sized organizations typically don’t have the budget to fund full-time, trained cyber security expert or team and manage the inherent turnover that comes with the territory. A reputable MSSP fills the gaps. Gotham hires its own certified staff and ensures they stay abreast of ever-evolving cyber threats by working with a number of different technologies across many customers, with a deep bench of experts to back each other up. By leveraging Gotham for this managed service, customers can focus on their business and allow Gotham to be an extension of your staff.
Security as a Service packages are purpose-built and customized for each customer’s needs. We provide a fixed monthly fee to handle all the needs presented for coverage. We provide services to support solutions in:
- Endpoint protection, next generation AV
- Anti-spam, anti-malware platforms
- Privileged access management
- MDR platforms
- DLP
Gotham will provide managed services to operate and maintain security platforms for customers during business hours and emergency support 24x7 via our on-call team. For each of the technologies listed Gotham will:
- Provide move/add/change services
- Monitor each environment for uptime and availability
- Respond to alerts and notifications as needed
- Create and run custom reports as requested
Leading vendors we provide services for include CrowdStrike, CarbonBlack, Mimecast, CyberArk, ProofPoint, Arctic Wolf, and Varonis.
|
Incident Response
Gotham’s Incident Response program is a low-cost/high-value solution for customers who want peace of mind knowing they have access to world class cyber analysts and engineers. We provide customers with the support needed to contain security incidents, such as:
- Real or suspected events adversely affecting the security of computer systems or computer networks.
- Violation of security policy whether explicit and documented or implied via processes and procedures.
- Attempts to gain unauthorized access to a system or its data whether those attempts were successful or not.
- Disruption or denial of service.
- Unauthorized use of a system for the processing or storage of data.
- Changes to system hardware, firmware, or software characteristics without proper approval, instruction and/or consent.
Included in the service:
Incident Response Service – Gotham and its partners perform the following services based on the type of incident.
- Digital Forensic Analysis Service – Once an Incident has been reported to Gotham, Digital Forensics Services will begin.
- Compromise Assessment – The Compromise Assessment Service evaluates Customer’s environment for the presence of malicious activity and provides a full set of recommendations.
- Remediation Service – Once the Incident Response Services have been completed, Gotham system experts assist customers in remediating issues found and returning their systems and network control back to the customer.
Also included in the offering are:
- Quarterly IR Preparedness Reviews – A Gotham Principal Architect and Security Analyst deliver a review of current External Threats and review Customer’s Incident Response plan. (video conference)
- Assistance With IR Tabletop Exercises – A Gotham Principal Architect and Security Analyst will work with Customer’s team in planning and executing one annual tabletop exercise to ensure IR response preparedness. (video conference)
|