02-27-2021 , 03:06 AM
https://www.comodo.com/socaap/
CLOUD-DELIVERED MANAGED CYBERSECURITY FOR MSPs/MSSPs
THE WORLD’S ONLY SOC AS A PLATFORM (SOCaaP)
Available now, the world’s first and only complete, next-gen SOC-as-a-Platform offering:
Predict
AI/Machine learning with an extensive global footprint of intelligence that is continuously learning and stopping attacks pre-execution.
Prevent
Patented API Kernel Level API Virtualization to mitigate the damage from zero-day threats. Automatic remediation of threats.
Detect
Global sensor network with the maximum granularity of data collection coupled with next gen SIEM Correlation Engine, Monitoring, and Alert Escalation.
Respond
Battle hardened Cybersecurity experts responding to your incidents, customizing response plans, and supporting you 24/7.
SOCaaP PLATFORM CAPABILITIES
Comodo SOCaaP provides an all-in-one platform. Complete with customer management, endpoint management, endpoint protection, incident and response management, threat hunting, network security monitoring, IDS, SIEM, custom log storage with configurable retention, vulnerability scanners, compliance reporting and managed Security Operations Center (SOC). Add these capabilities right into your existing security program.
Security Operations Center (SOC) as a Service
SOCaaP backed by our in-house Security Operations Center (SOC) with managed and co-managed options so you don’t have to hire security analysts.
Security Information & Event Management (SIEM) as a Service
SOCaaP is built on Cloud-based Next Generation Security Information and Event Monitoring platform (SIEM) that is flexible to any size business and can be tailored to fit your specific needs.
Threat
Detection and Response
SOCaaP enables threat detection and response by collecting and analyzing data across more capture points (logs, packets, network, and endpoint) and computing platforms (physical, virtual, and cloud). It correlates and enriches all this information to help analysis for threat detection and response.
Network Traffic Analysis (NTA)
SOCaaP sensor empowers you with network traffic analysis plus deep packet inspection. We detect more than 40 of the most used network protocols, full decode, and give you the most visibility over hidden network threats.
Intrusion Detection (IDS)
SOCaaP sensor provides teal-time threat detection including east-west by tapping and monitoring network. We use our managed IDS ruleset that detects all variants of network-based attacks.
Integrated EPP & EDR
SOCaaP includes Comodo AEP and EDR – in just a few clicks, cover all of your customers endpoints with patented auto containment, next-gen malware protection, and endpoint telemetry.
Comodo Threat Intel Included
SOCaaP uses Comodo Threat Intel as well as other top sources of threat intelligence making the need for other integrations to be impractical.
Auto Enrollment
Use our network scanner and auto-enrollment tool to enroll all of your customers assets and start protecting them instantly.
Cloud Connect
SOCaaP integrates with Cloud, 1-click integration to Office 365, Azure, AWS, and Google Cloud so you can see threats beyond your endpoint and network.
Threat Hunting
You don’t have to invest in hiring security analyst and forensic analyst to give the best service to your customers. Our SOC team runs threat hunting with real-time threat intelligence monitoring, correlating all events with threat intelligent feeds, and detects any threat before it has been executed.
MS 365 & G Suite Monitoring
SOCaaP integrates with MS/Office 365 & GSuite, monitors your privileged accounts, and detect threats over your company cloud assets .
Vulnerability Assessment
SOCaaP sensor includes an incredibly effective vulnerability scanner that you can correlate information for your assets. You no longer have to run other vulnerability scans on your customers’ network.
Single pane-of-glass view
SOCaaP gives you alert management, co-managed SIEM, and endpoint protection for all your customers in a single pane of glass view.
Multi-tenancy
SOCaaP is built with multi-tenancy as its core. You can manage all your customers and their incidents on the same dashboard.
Network Sensors / Managed IDS
SOCaaP provides you with Network Security Monitoring and Managed Intrusion Detection System (IDS) to detect threats on your customer’s network. Sensors can be installed with no down time. Our Customer Success team personally walks you through the process to ensure your success.
Log Ingestion
Forward any log from your customer network to SOCaaP and we will consume it for you. Firewalls, IDS/IPS, Active Directory, and server logs. SOCaaP integrates and translates many different logs into a common log model. It makes your logs searchable, interpretable, and reportable. Build alerts tailored to you and get notified in real-time.
Incident and Response with Managed SOC
SOCaaP’s managed SOC provides all tiers of SOC, 24/7, while managing your alerts and incidents for you. Only real incidents will be escalated to you and our SOC will be there to help you through the response process. We have multiple SLAs to fit your needs.
Compliance Reporting
SOC2, HIPAA, PCI, and CMMC – we support compliance reporting for monitoring and response. Need custom reporting? We’ll do it for you.
Customer and Asset Management
Built from the ground up with multi-tenancy, you can manage your customers and their assets in a single pane of glass view. Being integrated with your favorite PSA tools enables zero-time onboarding.
Patch & Vulnerability Management
SOCaaP detects unpatched applications and vulnerabilities in your customers environments and patches them for you. Our SOC will assist you in running the most efficient patch and vulnerability management program for your customers.
PSA Ticketing
SOCaaP integrates with PSA systems. Our SOC analysts investigate each alert, triage the data, and create a ticket to your PSA system attached with the response details, so you can focus on your operation.
SOCaaP Platform
All modules listed above are included
Customer-Asset Mgmt.
SOCaaP CUSTOMER MANAGER
Multi-Tenant Customer Portal
SOCaaP ASSET DISCOVERY
Discover and Enroll all assets of your customers
SOCaaP CLOUD CONNECT
Connect and Discover Cloud Assets
SOCaaP PSA INTEGRATOR
Integrate with your PSA tools
Incident & Response
SOCaaP INCIDENT MANAGER
Manage all Security Incidents of your customers
SOCaaP RESPONSE PLANNER
Plan Incident Reponse Activities
SOCaaP CASE MANAGEMENT
Case Management for Cybersecurity Incidents
SOCaaP AUTOMATED ANALYSIS & ACTIVE RESPONSE
Automate your analysis over Incidents
SOCaaP THREAT SHARING
Share Threat Information
Security Risk Mgmt.
SOCaaP VULNERABILITY SCANNER
Scan your customer's network and assets
SOCaaP LOG COLLECTOR
Collect any logs to increase visibility
SOCaaP NETWORK SECURITY MONITOR
Network Sensor with full packet capture and decoding
SOCaaP MANAGED IDS
Network IDs with Managed Rules
SOCaaP ASSET RISK ASSESSMENT
Realtime cyber risk assessment on monitored assets
Reporting
SOCaaP COMPLIANCE
Compliance Reporting for your customers
SOCaaP SOC REPORTING
SOC Operational and Metric Reporting
SOCaaP REPORT MANAGER
Prepare custom reports for your customers
SOC as a Service
SOCaaP MANAGED ENDPOINT
Managed Endpoint Services
SOCaaP THREAT MONITOR
24x7 Whitelabeled SOC Services
SOCaaP CLOUD MONITOR
Monitor 0365, AWS, Azure, GC
SOCaaP INCIDENT RESPONSE
Resolve Immediate Cyberattacks
SOCaaP PEN TEST ASSESSMENT
Fortify your defenses by being breached by our industry experts
SOCaaP COMPROMISE ASSESSMENT
Identify Ongoing or Past Attacker Activity
SOCaaP PLATFORM
WILL EMPOWER YOU
Access to security experts on demand - available 24/7/365
Comodo SOCaaP offers tier-1 support and manages your alerts 24/7, providing you with security expertise so you can focus on your core business.
Full Network Visibility to ensure your business is always safe
Comodo SOCaaP passively collects your network data and provides access to NetFlow and other protocol meta data.
Correlate log data
Comodo SOCaaP automates your threat intelligence (ISAC or others). You receive network alerts while our SOC does the analysis for you.
Automate the threat intelligence emails that ISAC sends
Comodo SOCaaP automates your threat intelligence (ISAC or other). You can see your network alerts in the Comodo Web app, drill down for detail; while our SOC does the analysis for you.
Access Office 365 logs to defend against business email threats
Comodo SOCaaP consumes Office 365 logs so you can see threats beyond your network traffic. Build your own alerts and investigate the impact through SOCaaP.
Provide Network Security without changing security stack
Comodo SOCaaP integrates right into your existing security stack. Comodo sensors are installed with no downtime.
Network Security without hiring more staff
We triage alerts and notify you when malicious activity is identified. You can track SOCaaP progress anytime. If you prefer to do the nitty-gritty, our SOC works alongside your team.
Qualified Alert information and SLAs
Comodo managed SOC provides tier-1 support and manages your alerts for you. Only real alerts get escalated and the Comodo SOC helps you through the response process. We have multiple SLAs to fit your needs.
Detect threats hidden in your network
Comodo SOCaaP provides you with an Intrusion Detection System (IDS) to detect threats. Even those that have bypassed other preventative defenses.
Use one product that covers all my threat detection and response needs
Comodo SOCaaP provides an all-in-one product. Complete with TIP, IDS, Log storage with configurable retention, and managed Security Operations Center (SOC). Add these capabilities right into your existing security program.
A threat detection platform that is easy to implement and use
Comodo SOCaaP sensors can be installed over your lunch break with no down time. Our Customer Success team personally walks you through the process to answer any questions or problems that may arise.
Use Threat intelligence without buying a TIP
Comodo SOCaaP connects you directly to your threat intelligence, without the need for a full-scale TIP.
Build and manage intel on one Threat Intelligence Platform (TIP)
Comodo SOCaaP allows you to create and manage indicators. You can track performance of the indicators you set up to see how they are performing in a community environment.
INSTANT DEPLOYMENT
With SOCaaP you can launch your cybersecurity program in two easy steps
Step 1
Connect your PSA
Integrate with your PSA and Auto-Enroll your customers: SOCaaP will fetch your customer’s and provide you auto-enrollment so that you can start protecting all of the endpoints in your customer network.
Step 2
Click to Auto Deploy
Extend security visibility with cloud and network telemetry: SOCaaP connects with cloud providers like O365, Azure, and AWS. You then install SOCaaP network sensor to identify potential threat activity on your network and view everything through a user-friendly online interface. We correlate endpoint, network, and cloud telemetry for you.
SOC as a Service
Co-Managed Threat Detection And Response You Can Afford
With Comodo SOCaaP, you can provide managed threat detection and response service for your customers. SOCaaP is backed by our in-house Security Operations Center (SOC) and Security Information and Event Management (SIEM) which is flexible to any size business and can be tailored to fit your specific needs.
White Label Our SOC Platform With Your Brand:
Add cybersecurity to your suite of services and protect your clients with zero capital outlay. Designed and built for MSPs/MSSPs.
Includes Dragon Enterprise Platform And Auto Containment
Includes Patented Auto Containment Technology is the world’s only active breach protection that renders malware, ransomware, and cyber-attacks useless. Eliminates all false positives and reduces attacker dwell time to mere minutes or even seconds.
CLOUD-DELIVERED MANAGED CYBERSECURITY FOR MSPs/MSSPs
THE WORLD’S ONLY SOC AS A PLATFORM (SOCaaP)
Available now, the world’s first and only complete, next-gen SOC-as-a-Platform offering:
Predict
AI/Machine learning with an extensive global footprint of intelligence that is continuously learning and stopping attacks pre-execution.
Prevent
Patented API Kernel Level API Virtualization to mitigate the damage from zero-day threats. Automatic remediation of threats.
Detect
Global sensor network with the maximum granularity of data collection coupled with next gen SIEM Correlation Engine, Monitoring, and Alert Escalation.
Respond
Battle hardened Cybersecurity experts responding to your incidents, customizing response plans, and supporting you 24/7.
SOCaaP PLATFORM CAPABILITIES
Comodo SOCaaP provides an all-in-one platform. Complete with customer management, endpoint management, endpoint protection, incident and response management, threat hunting, network security monitoring, IDS, SIEM, custom log storage with configurable retention, vulnerability scanners, compliance reporting and managed Security Operations Center (SOC). Add these capabilities right into your existing security program.
Security Operations Center (SOC) as a Service
SOCaaP backed by our in-house Security Operations Center (SOC) with managed and co-managed options so you don’t have to hire security analysts.
Security Information & Event Management (SIEM) as a Service
SOCaaP is built on Cloud-based Next Generation Security Information and Event Monitoring platform (SIEM) that is flexible to any size business and can be tailored to fit your specific needs.
Threat
Detection and Response
SOCaaP enables threat detection and response by collecting and analyzing data across more capture points (logs, packets, network, and endpoint) and computing platforms (physical, virtual, and cloud). It correlates and enriches all this information to help analysis for threat detection and response.
Network Traffic Analysis (NTA)
SOCaaP sensor empowers you with network traffic analysis plus deep packet inspection. We detect more than 40 of the most used network protocols, full decode, and give you the most visibility over hidden network threats.
Intrusion Detection (IDS)
SOCaaP sensor provides teal-time threat detection including east-west by tapping and monitoring network. We use our managed IDS ruleset that detects all variants of network-based attacks.
Integrated EPP & EDR
SOCaaP includes Comodo AEP and EDR – in just a few clicks, cover all of your customers endpoints with patented auto containment, next-gen malware protection, and endpoint telemetry.
Comodo Threat Intel Included
SOCaaP uses Comodo Threat Intel as well as other top sources of threat intelligence making the need for other integrations to be impractical.
Auto Enrollment
Use our network scanner and auto-enrollment tool to enroll all of your customers assets and start protecting them instantly.
Cloud Connect
SOCaaP integrates with Cloud, 1-click integration to Office 365, Azure, AWS, and Google Cloud so you can see threats beyond your endpoint and network.
Threat Hunting
You don’t have to invest in hiring security analyst and forensic analyst to give the best service to your customers. Our SOC team runs threat hunting with real-time threat intelligence monitoring, correlating all events with threat intelligent feeds, and detects any threat before it has been executed.
MS 365 & G Suite Monitoring
SOCaaP integrates with MS/Office 365 & GSuite, monitors your privileged accounts, and detect threats over your company cloud assets .
Vulnerability Assessment
SOCaaP sensor includes an incredibly effective vulnerability scanner that you can correlate information for your assets. You no longer have to run other vulnerability scans on your customers’ network.
Single pane-of-glass view
SOCaaP gives you alert management, co-managed SIEM, and endpoint protection for all your customers in a single pane of glass view.
Multi-tenancy
SOCaaP is built with multi-tenancy as its core. You can manage all your customers and their incidents on the same dashboard.
Network Sensors / Managed IDS
SOCaaP provides you with Network Security Monitoring and Managed Intrusion Detection System (IDS) to detect threats on your customer’s network. Sensors can be installed with no down time. Our Customer Success team personally walks you through the process to ensure your success.
Log Ingestion
Forward any log from your customer network to SOCaaP and we will consume it for you. Firewalls, IDS/IPS, Active Directory, and server logs. SOCaaP integrates and translates many different logs into a common log model. It makes your logs searchable, interpretable, and reportable. Build alerts tailored to you and get notified in real-time.
Incident and Response with Managed SOC
SOCaaP’s managed SOC provides all tiers of SOC, 24/7, while managing your alerts and incidents for you. Only real incidents will be escalated to you and our SOC will be there to help you through the response process. We have multiple SLAs to fit your needs.
Compliance Reporting
SOC2, HIPAA, PCI, and CMMC – we support compliance reporting for monitoring and response. Need custom reporting? We’ll do it for you.
Customer and Asset Management
Built from the ground up with multi-tenancy, you can manage your customers and their assets in a single pane of glass view. Being integrated with your favorite PSA tools enables zero-time onboarding.
Patch & Vulnerability Management
SOCaaP detects unpatched applications and vulnerabilities in your customers environments and patches them for you. Our SOC will assist you in running the most efficient patch and vulnerability management program for your customers.
PSA Ticketing
SOCaaP integrates with PSA systems. Our SOC analysts investigate each alert, triage the data, and create a ticket to your PSA system attached with the response details, so you can focus on your operation.
SOCaaP Platform
All modules listed above are included
Customer-Asset Mgmt.
SOCaaP CUSTOMER MANAGER
Multi-Tenant Customer Portal
SOCaaP ASSET DISCOVERY
Discover and Enroll all assets of your customers
SOCaaP CLOUD CONNECT
Connect and Discover Cloud Assets
SOCaaP PSA INTEGRATOR
Integrate with your PSA tools
Incident & Response
SOCaaP INCIDENT MANAGER
Manage all Security Incidents of your customers
SOCaaP RESPONSE PLANNER
Plan Incident Reponse Activities
SOCaaP CASE MANAGEMENT
Case Management for Cybersecurity Incidents
SOCaaP AUTOMATED ANALYSIS & ACTIVE RESPONSE
Automate your analysis over Incidents
SOCaaP THREAT SHARING
Share Threat Information
Security Risk Mgmt.
SOCaaP VULNERABILITY SCANNER
Scan your customer's network and assets
SOCaaP LOG COLLECTOR
Collect any logs to increase visibility
SOCaaP NETWORK SECURITY MONITOR
Network Sensor with full packet capture and decoding
SOCaaP MANAGED IDS
Network IDs with Managed Rules
SOCaaP ASSET RISK ASSESSMENT
Realtime cyber risk assessment on monitored assets
Reporting
SOCaaP COMPLIANCE
Compliance Reporting for your customers
SOCaaP SOC REPORTING
SOC Operational and Metric Reporting
SOCaaP REPORT MANAGER
Prepare custom reports for your customers
SOC as a Service
SOCaaP MANAGED ENDPOINT
Managed Endpoint Services
SOCaaP THREAT MONITOR
24x7 Whitelabeled SOC Services
SOCaaP CLOUD MONITOR
Monitor 0365, AWS, Azure, GC
SOCaaP INCIDENT RESPONSE
Resolve Immediate Cyberattacks
SOCaaP PEN TEST ASSESSMENT
Fortify your defenses by being breached by our industry experts
SOCaaP COMPROMISE ASSESSMENT
Identify Ongoing or Past Attacker Activity
SOCaaP PLATFORM
WILL EMPOWER YOU
Access to security experts on demand - available 24/7/365
Comodo SOCaaP offers tier-1 support and manages your alerts 24/7, providing you with security expertise so you can focus on your core business.
Full Network Visibility to ensure your business is always safe
Comodo SOCaaP passively collects your network data and provides access to NetFlow and other protocol meta data.
Correlate log data
Comodo SOCaaP automates your threat intelligence (ISAC or others). You receive network alerts while our SOC does the analysis for you.
Automate the threat intelligence emails that ISAC sends
Comodo SOCaaP automates your threat intelligence (ISAC or other). You can see your network alerts in the Comodo Web app, drill down for detail; while our SOC does the analysis for you.
Access Office 365 logs to defend against business email threats
Comodo SOCaaP consumes Office 365 logs so you can see threats beyond your network traffic. Build your own alerts and investigate the impact through SOCaaP.
Provide Network Security without changing security stack
Comodo SOCaaP integrates right into your existing security stack. Comodo sensors are installed with no downtime.
Network Security without hiring more staff
We triage alerts and notify you when malicious activity is identified. You can track SOCaaP progress anytime. If you prefer to do the nitty-gritty, our SOC works alongside your team.
Qualified Alert information and SLAs
Comodo managed SOC provides tier-1 support and manages your alerts for you. Only real alerts get escalated and the Comodo SOC helps you through the response process. We have multiple SLAs to fit your needs.
Detect threats hidden in your network
Comodo SOCaaP provides you with an Intrusion Detection System (IDS) to detect threats. Even those that have bypassed other preventative defenses.
Use one product that covers all my threat detection and response needs
Comodo SOCaaP provides an all-in-one product. Complete with TIP, IDS, Log storage with configurable retention, and managed Security Operations Center (SOC). Add these capabilities right into your existing security program.
A threat detection platform that is easy to implement and use
Comodo SOCaaP sensors can be installed over your lunch break with no down time. Our Customer Success team personally walks you through the process to answer any questions or problems that may arise.
Use Threat intelligence without buying a TIP
Comodo SOCaaP connects you directly to your threat intelligence, without the need for a full-scale TIP.
Build and manage intel on one Threat Intelligence Platform (TIP)
Comodo SOCaaP allows you to create and manage indicators. You can track performance of the indicators you set up to see how they are performing in a community environment.
INSTANT DEPLOYMENT
With SOCaaP you can launch your cybersecurity program in two easy steps
Step 1
Connect your PSA
Integrate with your PSA and Auto-Enroll your customers: SOCaaP will fetch your customer’s and provide you auto-enrollment so that you can start protecting all of the endpoints in your customer network.
Step 2
Click to Auto Deploy
Extend security visibility with cloud and network telemetry: SOCaaP connects with cloud providers like O365, Azure, and AWS. You then install SOCaaP network sensor to identify potential threat activity on your network and view everything through a user-friendly online interface. We correlate endpoint, network, and cloud telemetry for you.
SOC as a Service
Co-Managed Threat Detection And Response You Can Afford
With Comodo SOCaaP, you can provide managed threat detection and response service for your customers. SOCaaP is backed by our in-house Security Operations Center (SOC) and Security Information and Event Management (SIEM) which is flexible to any size business and can be tailored to fit your specific needs.
White Label Our SOC Platform With Your Brand:
Add cybersecurity to your suite of services and protect your clients with zero capital outlay. Designed and built for MSPs/MSSPs.
Includes Dragon Enterprise Platform And Auto Containment
Includes Patented Auto Containment Technology is the world’s only active breach protection that renders malware, ransomware, and cyber-attacks useless. Eliminates all false positives and reduces attacker dwell time to mere minutes or even seconds.