Managed Security Operation Center (SOC) as a Service - by BitHawk

BitHawk helps you build a Security Operations Center with Microsoft's cloud products. The products Microsoft Defender for Endpoint/Business, Microsoft Defender for Identity, Microsoft Defender for Office 365 are used to actively monitor the customer's environment and intervene in case of incidents. Protect your entire Office 365 environment from blended threats such as phishing and fraudulent business emails.

Scope of services offered:

• Qualified and experienced security analysts
• Proactive monitoring and analysis using up-to-date threat data
• State-of-the-art security solutions with AI, ML and automation
• Message assessment and interpretation
• Defensive measures and damage limitation in the event of cyberattacks
• Alerting on specific suspicions and attacks
• False positive assessment and event closure
• Vulnerability management (assessment and reporting)
• Recommendations for optimization of security measures
• Reporting
• Priority handling of security incidents (taskforce / recovery etc.)

Service hours: Official BitHawk operating hours (07:30 - 17:30)

Microsoft technologies used:

• Microsoft Defender for Endpoint/Business
• Microsoft Defender for Identity
• Microsoft Defender for Office 365

Baseline:

• Attacks are on the rise and getting smarter
• Vulnerability management is becoming more and more important
• Too few resources to run a SOC service
• No sensors or technology to detect attacks, abnormal behavior and vulnerabilities
• Too many events to react fast and professionally enough
• Lack of know-how to assess incidents
• Silo-based security solutions (not overarching)
• Constant new features in modern cloud solutions
• No logs in case of need, as there are no tools that record incidents and make them visible
• High operational costs of having your own SOC and their tools