Auriga Consulting Ltd

CyberGator SOC

CyberGator SOC is a tailored, managed Security Operations Centre (SOC) service designed to meet the needs of tighter budgets and small infrastructures and environments. CyberGator SOC offers all the benefits expected from a SOC/SIEM, but with the ability for the Client to manage the Service themselves.

Features

  • UK-based Managed Security Operations Centre
  • Built-in Network Operations Centre capabilities
  • Non-invasive monitoring model
  • Compliance reporting for ISO 27001, PCI, GPG13, SOX etc.
  • Self-learning and automated component discovery
  • Tailored Threat Intelligence Campaigns
  • Tailored Business Intelligence Campaigns
  • Network and application intelligence
  • Rapid behaviour analytics and learning
  • Cross-vendor support and log consumption

Benefits

  • Monitor business critical components as part of a business context
  • Monitor business components in real-time
  • Manned business-day monitoring with on-call cover out of hours
  • Efficiently monitor hardware and software for security and system health
  • Monitor business process instead of focusing on individual components
  • Compliance reporting to enable efficient auditing
  • Flexible and scalable security services, scale up/down, as required
  • Efficiently and effectively manage enterprise risk and threat
  • Benefit from sector, regional and business specific Threat Intelligence
  • Identify and manage security incidents effectively

Pricing

£39.00 to £97.50 per device per month

Framework

G-Cloud 11

Service ID

542082290447899

Contact

Auriga Consulting Ltd

Ian McKay

0203 7938820

ian.mckay@aurigaconsulting.com

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: Planned maintenance periods are agreed per customer but default to periods after 8pm Mon-Fri or at weekends.
System requirements:
  • ESXi
  • Hyper-V
  • AWS-EC2
  • Azure
  • CentOS, Ubuntu OS
  • 2 x CPU, 4GB RAM
  • 31GB HDD Image

User support

Email or online ticketing support: Email or online ticketing
Support response times: Auriga provides ticketing support through Zendesk, which is included at no extra cost to the Client. Auriga's Support will pick up the ticket and will endeavour to respond as quickly as possible. Auriga can provide SLA-based support options (e.g. 12 hour response) at extra cost to Clients. For the highest tier of the CyberGator SOC Service, each Customer will be assigned a dedicated technical Security Analyst to support them on a 24/7 basis.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: WCAG 2.1 AAA
Web chat accessibility testing: TBC
Onsite support: Yes, at extra cost
Support levels: All CyberGator SOC Clients are provided with a Technical Account Manager to assist them during the life of the Service. This process is initiated prior to the on-boarding phase. All CyberGator SOC Services include, as part of the per-node fee, the following support as a single support level:
- On-boarding assistance
- Collector troubleshooting and break-fix support
- Log configuration guidance and assistance
- Service desk and ticketing integration assistance and troubleshooting
Support available to third parties: Yes

Onboarding and offboarding

Getting started: CyberGator SOC provides a level of Service appropriate for all Clients, organisations and environments. The engagement process begins with a no-obligation initial visit. A CyberGator Security Architect or SOC Analyst liaises with the Client to determine levels of threat and exposure, then recommends the most appropriate solution, ensuring it is in line with the overarching business strategy. This initial workshop can also be used to identify the scope of the Service and to provide some simple advice in the form of recommended next steps.
Service documentation: Yes
Documentation formats: HTML
End-of-contract data extraction: Historical log data is exported in JSON and CSV formats and securely transferred back to the Client upon service termination. Any reports which have been produced on behalf of the Client within a 3-month period can also be made available at no extra cost.
End-of-contract process: Upon service termination the Client simply removes any virtual machines hosting the Collector from their environment. Upon doing so the Client will also receive their historical log data (12 months) in JSON or CSV formats. The administrative data transfer fee is £1,100.00, excluding any outstanding monthly contract fees, additional personnel costs and taxes.

Using the service

Web browser interface: Yes
Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install: Yes
Compatible operating systems:
  • iOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices: No
Service interface: Yes
Description of service interface: The Service provides a simple-to-use graphical user interface for the Client that will be managed by Auriga. The Client will be able to view a read-only copy of the portal.
Accessibility standards: None or don’t know
Description of accessibility: The Service is accessible by Clients using the graphical user interface provided by Auriga. The Client will be able to view a read-only copy of the portal.
Accessibility testing: N/A
API: No
Customisation available: No

Scaling

Independence of resources: The CyberGator SOC service relies upon a flexible utility computing model. Resources and performance are monitored around the clock. Any increase in resource requests impacting the service will be mitigated by allocating more resource to the Service. This includes storage, memory and bandwidth.

Analytics

Service usage metrics: Yes
Metrics types: Auriga provides information on the devices the Client has onboarded, and the amount of logs, as well as a graphical user interface that shows comprehensive visualisations of the environment.
Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest: Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: Historical log data and any reports stored by Auriga on behalf of the Client will be encrypted and made available to the Customer via the CyberGator SOC secure portal (TLS certificate-based authentication and encryption).
Data export formats:
  • CSV
  • Other
Other data export formats: JSON
Data import formats: Other
Other data import formats: JSON

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: Full Terms and Conditions and SLA terms are presented at the quotation phase with the Client. In summary, the service meets the 99.99% uptime requirements. The service utilises dual datacentre technology with an Active/Active model in place. Failure of Auriga to deliver the CyberGator SOC Service to Clients for the agreed delivery commitment will result in the issue of service credits.
Approach to resilience: This information will be available on request.
Outage reporting: The CyberGator SOC Service would report service outages via the secure customer portal or via secure email.

Identity and authentication

User authentication needed: Yes
User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels: Administrator permissions and user access control within management interfaces.
Access restriction testing frequency: At least every 6 months
Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information: Users receive audit information on a regular basis
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes:
1. Acceptable Use Policy
2. Access Control Policy
3. Information Security Policy Supplier Relationships
4. Information Systems Acquisitions & Development Policy
5. Clear Screen Policy
6. Social Media Policy
7. Information Risk Policy
8. Asset Management Policy
9. Forensic Readiness Policy
10. Incident Management and Reporting Policy
11. Information Security Policy
12. Logging Policy
13. Network Security Policy
14. Remote Working Policy
15. Information Security Policy Statement
Procedures:
1. Business Continuity Procedure
2. Backup Process
3. Change Management Process
4. Control of Records Procedure
5. Incident Response Plan
6. Information Classification Procedure
7. Secure Disposal Procedures
8. Joiners Movers Leaver Process
9. Internal Audit Procedure
An internal review is completed quarterly, and an external audit is carried out every 6 months.

Operational security

Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach: Auriga adheres to the ISO 27001:2013 change management process.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: The CyberGator vulnerability management process consists of five phases:
1. Preparation - allows the scope to be defined.
2. Vulnerability Scan - allows CyberGator to obtain an overview of vulnerabilities in the systems.
3. Define remediation - the vulnerabilities will be analysed to determine the associated risk, and input will be provided on the risk of remediation.
4. Implement remediation actions - agreed remediation actions should be resolved in line with the agreed time-frames.
5. Re-scan - to verify the remediation actions have been implemented. In order to prevent inaccurate results, this will be performed using Nessus and Qualys.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: The CyberGator SOC protective monitoring process consists of 5 phases:
1. Triage and Investigate Security Alerts
2. Write Up and Report Security Incident
3. Notify Major Security Incident
4. Triage security alerts
5. Review Baselined Security Alerts

For more in-depth explanations, please contact Auriga.
Incident management type: Supplier-defined controls
Incident management approach: The CyberGator incident management process consists of three phases:
1. Triage
2. Investigate
3. Report
Information about a Security Incident that is gathered throughout the triage and investigation stages of the process is captured in a Security Incident ticket. As part of the reporting stage, a subset of the information is written up into a Security Incident Report, which is sent to the appropriate Customer PoC.

Security Incident Reports are written up in the CyberGator Portal in a Security Incident Ticket in accordance with the CyberGator Security Incident Reporting Guidelines. Once reviewed, the report is sent to the appropriate Client contacts.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Pricing

Price: £39.00 to £97.50 per device per month
Discount for educational organisations: No
Free trial available: No
