Raytheon’s V-SOC service takes a new approach to managed security by automating much of the traditional Managed Security Services model through its Automated Threat Intelligence Platform (ATIP) and allowing analysts to spend their time conducting advanced analytics and network hunting for threats that can circumvent traditional security controls.
- Advanced analytics and machine learning technologies.
- Experienced threat-hunters analyse network and host data for threats.
- Vendor agnostic. We work with your existing systems.
- Our service supports and integrates into our clients.
- We work alongside existing security teams.
- All data stays within the customer environment.
- Proprietary Automated Threat Intelligence Platform technology.
- Tuning performed on client tools stays with the client.
- Advanced detection and proactive threat hunting.
- 24/7 coverage.
- Extensive expertise in best-of-breed toolsets.
- Focuses on advanced threats, tactics, techniques and procedures.
- Leverages client’s current security toolset.
- Maintains client control over sensitive security data.
- Works alongside client to mature existing security posture.
£458 to £2750 per person per day
Raytheon Systems Limited
0161 452 1409
Raytheon need to implement a Virtual Private Network to allow analysts to view customer data. This service will not be usable on air-gapped systems.
The customer will need to have security systems in place on desired networks in order to use this service.
|Email or online ticketing support||Email or online ticketing|
|Support response times||Notification of receipt: approximately 15 minutes. Response to support email: critical priority as soon as possible; standard priority approximately 24 hours. Responses at weekends are lowered.|
|User can manage status and priority of support tickets||No|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Email support provided as standard. Increased levels of support may be available through discussions with customer. All customers are assigned a Technical Account Manager and a Support Engineer who are able to manage the support relationship with the customer.|
|Support available to third parties||No|
Onboarding and offboarding
Raytheon provide a visibility check and set up service with the customer, to ensure that the correct logs and feeds are set up. There is no training needed for the customer.
Raytheon work with the customer to design the methodology for raising and managing incidents as per the customer's needs.
|End-of-contract data extraction||There is no data to extract. All data is kept in the customer's systems.|
|End-of-contract process||At the end of a contract, Raytheon would remove its proprietary tool, ATIP, from the customer's systems. Raytheon would also remove the Virtual Private Network from its and the customer's systems.|
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||Demand is monitored and analysts are assigned to the customer based on demand to ensure a consistent level of service.|
|Infrastructure or application metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Hardware containing data is completely destroyed|
|Equipment disposal approach||A third-party destruction service|
Backup and recovery
|Backup and recovery||No|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||The availability of the designed service is agreed with the client and implemented with the application vendors and hosting providers.|
|Approach to resilience||The Virtual Security Operating Centre has resiliency built into its design. More information available on request.|
|Outage reporting||Any outages are reported via email.|
Identity and authentication
|Other user authentication||The customer users do not access the service.|
|Access restrictions in management interfaces and support channels||The customer users do not access the service. Support channels are operated via email and a designated technical account manager.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Other|
|Devices users manage the service through||Dedicated device on a segregated network (provider's own provision)|
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI|
|ISO/IEC 27001 accreditation date||23/03/2017|
|What the ISO/IEC 27001 doesn’t cover||Raytheon R0 network.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||As laid down in ISO 27001 and List-X/STRAP, Raytheon ensures full compliance with respective requirements. Raytheon's computer network, R0, holds Cyber Essentials Plus certification. Site Information Assurance (IA) Security Managers (IASMs) ensure that all security and IA policies and processes are complied with. Responsibility for IA and security lies with Chief Security Officer (CSO) and Chief Information Security Officer (CISO). IASMs also have responsibility for physical security / alarms / access control. Security management plans, and Concept of Operations are available for each Raytheon site.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Raytheon have a defined set of internal governance processes as per our ISO27001:2013 [certified] & ISO9001:2015 accreditation programmes to manage change and configuration control, which have been reviewed and approved by external accreditors.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||IT Healthchecks are carried out on Raytheon's internal network, R0, on an annual basis. All Project Unique Environments (PUEs), once constructed, will be penetration tested to ensure compliance with current requirements. On PUEs, patches are deployed on a quarterly basis. Any critical patches are engaged within 48 hours. Information about potential threats is provided by the Ministry of Defence Joint Cyber Unit Computer Emergency Response team and is supplemented by other sources (Microsoft, Red Hat, etc.)|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Raytheon use IBM's QRadar Security Information and Event Management (SIEM) to collate log data from an agreed set of server and network based end-points. Log files are pulled to a number of 'collectors' deployed across the enterprise which collate security, system, network, application and database logs in near-real time (c. 300 per second). Log files are sent to the Raytheon Security Operating Centre (SOC) analyst, who analyses the logs for anomalies and / or potential breaches. In the event suspicious activities are detected, the SOC analyst initiates an incident response commensurate with the nature of the event.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Incidents are reported to the Raytheon IT Service Desk. Thereafter, the security controller and/or a member of Information Assurance (IA) Security and Compliance (IASC) is charged with conducting a severity vs. impact assessment. Both the incident report and severity / impact assessment are transferred to the incident management database (accessible only by the IASC team) before the security manager and/or Head of IASC determine whether the incident can be resolved locally or requires escalation to the Senior Leadership Team. Incidents are reported to the relevant external authority within two working days.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£458 to £2750 per person per day|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Terms and conditions document||View uploaded document|