Unit 42 powered IR reduces security handover delays in the event of a breach
Socura, a UK-based threat detection and containment specialist, has today announced the release of its 24/7/365 incident response service to help companies react to, respond to, and recover from cyber-attacks. The IR service is designed to improve security outcomes in the event of a data breach by strengthening the lines of communication between detection and response tools, as well as internal and external security teams. By providing an incident response service in addition to threat detection, both powered by the same vendor, Socura reduces security team handover delays and speeds up the SOC’s “time to effectiveness”. This means the time between a data breach being detected, and when a team is primed to act effectively as an incident responder, is reduced. This is critical in the early stages of a data breach, when time is often lost because applications are incompatible, or teams fail to communicate the information as quickly or efficiently as machines can.
The Socura remote SOC specialises in 24/7 threat detection, containing advanced threats and targeted attacks across customer endpoints, networks, and cloud services. It does so at a scale impossible for traditional on-premise SOCs, with unlimited log ingestion via cloud-based tools from vendors including Google, Microsoft and Palo Alto Networks. Socura’s new incident response product means that customers can now respond to data breaches much faster – with a range of services including mitigation support, APT investigation, securing evidence, departing employee investigation and more.
Socura’s incident response capabilities will initially be powered by Palo Alto Networks Unit 42 services. Socura already uses a range of Palo Alto Networks services in the SOC, such as XSOAR. Extending this relationship to IR applies a threat-informed approach to detection, containment, and response. It means customers do not waste time transferring information between tools and different teams.
“Data breaches are a short, high stakes race between attackers trying to extract data and defenders trying to stop them,” said Jamie Brummell, Socura co-founder and CTO. “Many businesses don’t know they are in a race until it is too late. Even when they do detect a breach, they lose a lot of time just getting to the starting line. Unlike dwell time, which is an external system of measurement focused on the attacker, ‘Time to effectiveness’ is all about defender readiness. It’s a useful metric to consider for incident response, and was always front of mind when we were assessing the IR products on the market. We want to bring this down as much as possible. With Socura’s incident response service, every tool and every team is on the same wavelength. Data is passed seamlessly and instantaneously between detection and response teams, and can be used to mitigate the impact of a data breach as effectively and as quickly as possible.”
Read more about Socura’s new IR service here: https://socura.co.uk/24-7-digital-forensics-and-incident-response/
About Unit 42
Palo Alto Networks Unit 42 brings together world-renowned threat researchers, elite incident responders and expert security consultants to create an intelligence-driven, response ready organization that’s passionate about helping you proactively manage cyber risk. Together, our team serves as your trusted advisor to help assess and test your security controls against the right threats, transform your security strategy with a threat-informed approach and respond to incidents in record time so that you get back to business faster.
Socura offers a 24/7 Threat Detection and Response managed service via its nationally distributed, UK-based SOC team. The service acts as a trusted extension of clients’ in-house capabilities, delivering swift detection and containment of cyber threats.
Socura helps make the digital world a safer place for its clients and changes the way organisations think about cyber security. It blends technical expertise and industry experience with a people-centric approach to security. Socura has innovation in its DNA, and is pushing the boundaries to deliver high-value cyber security services for clients.