PRIMENET LIMITED

Managed SOC: Primenet managed cyber security operations center

Primenet's Managed SOC provides security for customers around the world and is the best managed cybersecurity operation service in Israel. Our service goals are:
Professional incident response and investigation services. Improving the organisation's defense posture. We monitor and respond to threats and risks in real time, according to the customer's activity times.

Features

  • SIEM SOC Service: monitoring around the clock for security incidents
  • Incident Response: dedicated IR team for sophisticated attacks
  • Cyber Threat Intelligence: social media, forums, tailored intelligence, including darknet
  • MDR (Managed Detection and Response): provides advanced hunting and analysis capabilities
  • Vulnerability Management Services: scheduling vulnerability scans, analyzing results, remediation
  • Automate & Orchestrate Service: designing and building workflows and playbooks
  • Red team: to test and refine the organization's security posture

Benefits

  • Our service fits any regulation or standard
  • Our service can manage on-premises existing tech
  • The services are technology agnostic: one team to manage all
  • Single team with all skills and knowledge
  • Framework based on ITIL, CMMI, NIST, ISO 27001, Kill Chain and MITRE ATT&CK
  • Service can be adjusted to answer customers' needs

Pricing

£6,000 a terabyte a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony@primenetuk.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

516952835183466

Contact

PRIMENET LIMITED, Tony Smith
Telephone: 07951 290632
Email: tony@primenetuk.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
If the organization has implemented a SIEM or EDR solution, the service can be an add-on that manages it and responds on top of it.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
There are no service constraints.
System requirements
  • A virtual machine will be required
  • The software licences can be procured by the organisation
  • The licences can also be provided by Primenet

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response is 24x7x365
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
You would log on via a portal with two-factor authentication, using any web browser.
Web chat accessibility testing
Not as yet
Onsite support
Yes, at extra cost
Support levels
Primenet's 24/7 service desk puts an experienced team of highly qualified engineers at your disposal. We have an enviable reputation for providing the kind of support your employees really want. Our service is a true round-the-clock, enterprise-grade managed support service that ensures the requisite expertise is on hand day or night to act swiftly should the unexpected happen. Response times are based on severity: Critical (10 minutes), Standard (45 minutes), Low (90 minutes). This is subject to having a support contract in place. These response times apply outside normal business hours (including weekends), subject to a 24/7 support agreement being in place. You will also have an assigned technical account manager who will work with you on current and ongoing requirements. We provide a Managed Service Desk with unlimited tickets, starting at £25.00 per registered user, per month (not including Remote Network Monitoring). Remote Network Monitoring is added at £3.50 per device / appliance monitored.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The TSOC service can be fully managed by Primenet, or managed by the end user with assistance from Primenet. Primenet fully supports installation and deployment of its recommended vendor solutions. Primenet can provide training on the service and also provide vendor documentation.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
If the system is procured and implemented on-prem, it can be handed off to the customer with all data, development and content.
End-of-contract process
You will be contacted three months before the contract ends to understand if you would like to renew the contract over the same term. If you decline, your tenant will be closed down on the contract end date. Customers can customise the service deliverables: monitored use cases, dashboards, IRPs.
Deployment architecture can also be customised per need.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
The client can have access to the services via a web browser.
Accessibility standards
None or don’t know
Description of accessibility
Via a Browser or via an API
Accessibility testing
Not at this time
API
Yes
What users can and can't do using the API
Users can access the SIEM solution to collect data or perform actions within the system. The SOC service itself will manage and use the technology to collect log data, incident data, etc.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customers can customise the service deliverables: monitored use cases, dashboards, IRPs.
Deployment architecture can also be customised per need.

Scaling

Independence of resources
There is no effect on the service

Analytics

Service usage metrics
Yes
Metrics types
  • KPI, KRI
  • Number of incidents
  • SLA breached
  • Events per second
  • Other metrics
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
TrustNet

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
There is no user data to export with the service
Data export formats
Other
Other data export formats
N/A
Data import formats
Other
Other data import formats
N/A

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
  • URL filtering
  • Mail relay
  • Endpoint protection
  • DLP
  • EDR

Availability and resilience

Guaranteed availability
The service resides on the customer's premises, so it will meet whatever availability the customer has on their network or within their cloud environment.
Approach to resilience
Available on request
Outage reporting
There are email alerts sent to the TSOC in the event of a server or technical malfunction.

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
TSOC has full auditability and end-to-end encryption.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ACS Registrars Limited
ISO/IEC 27001 accreditation date
9th November 2019
What the ISO/IEC 27001 doesn’t cover
We have Full Certification
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Other security governance standards

Cyber Security Essentials Plus

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Any changes are handled within the maintenance of the service, i.e. patching of the virtual machine or physical updates to the software running on the machine. These are defined and managed processes and are handled within the change window.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our systems are constantly monitored by our security team. As a company which develops a vulnerability assessment tool, we are well aware of the VA sphere, and we perform internal pen-tests and daily scans on our tool. All threats are flagged in a unified dashboard.
All endpoints have AV installed on them. Access to our systems is role based, and tools are monitored and scanned regularly.
We operate a log of user actions and perform real-time DLP, anti-malware and ransomware scans.
Protective monitoring type
Undisclosed
Protective monitoring approach
We respond within hours to potential threats. We look for threats that evaded the security mechanisms, discovering zero-days and hidden threats. We constantly monitor for anomalies in access to files, DNS requests or unusual outbound network traffic, using organizational barriers such as NGFW, EDR, DLP and constant monitoring.
Incident management type
Supplier-defined controls
Incident management approach
As a security company, we would rather not disclose our internal approach, as we hold rather a lot of sensitive and critical client data.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£6,000 a terabyte a month
Discount for educational organisations
Yes
Free trial available
No
