26 SOC as a Service (SOCaaS) Options for MSPs, MSSPs

Here’s page two, featuring SOCaaS security companies 11-20.

11. Cyberhat: The company in April 2021 raised $15 million in Series B funding, led by Prytek, to expand its Cyrebro cybersecurity Protection to small and medium-sized businesses.

12. CyberSafe: The MSSP offers clients SOC-as-a-Service. The SOC is located in a Tier IV data center and consists of industry experts, 24/7/365. The company is actively inviting MSPs and MSSPs to join CyberSafe’s partner program.

13. CyFlareThe company’s SOC-in-a-Box provides breach detection and vulnerability scanning capabilities to MSPs. The company leverages Stellar Cyber for its SOCaaS capabilities.

Related Webcast: SOCaaS for Small MSPs – Join Us

14. Delta Risk: Acquired by Motorola Solutions in September 2020.

15. Digital HandsThe company in July 2021 hired Kim Bilderback as its AVP of channel sales. Also, Digital Hands in July 2019 raised $15 million in private equity to accelerate its SOCaaS strategy for partners. Digital Hands provides the following managed security services through partners:

  • Managed Detection and Response
  • Managed Firewall.
  • Network Security.
  • Managed IDS/IPS.
  • Unified Threat Management.
  • Managed Endpoint Protection.

16. Flexis: The company provides both SOC and NOC services to MSPs and MSSPs. Flexis doesn’t force customers to use its tools (in fact, Flexis doesn’t develop tools). Instead, the company leverages best-of-breed tools that customers want. Flexis claims to be one of the few SOC providers that has deep infrastructure experience due to 10-plus years selling NOC services to MSPs.

17. ForesiteThe company in June 2021 hired NTT Security veteran Matt Gyde as its chairman and CEO. Around the same time, Foresite named Mark Behan as its SVP of operations. Foresite’s core technology platform is ProVision, which spans:

  • Cyber Security as a Service (CSaaS): Delivers cybersecurity services aligned to an organization’s requirements
  • Managed Detection and Response (MDR): Provides threat hunting, detection and response services to help organizations eliminate cyber threats
  • Monitoring and Alerting: Offers network security monitoring, alerting and threat intelligence

Related Webcast: SOCaaS for Small MSPs – Join Us

18. inSOC: The company surfaced at DattoCon 2019 with a SOCaaS offering for MSPs and MSSPs. inSOC  since that time has quietly and steadily built its revenue with larger MSP clients in North America, EMEA and APAC, offering fixed cost access to an enterprise-grade Open XDR solution specifically built for MSPs/MSSPs to resell, according to an update that MSSP Alert received in November 2021. inSOC was an early adopter of Stellar Cyber, plus the company offers vulnerability management from Rapid 7; MSP-friendly reporting and 2/4/7 SOC monitoring; and a unique onboarding and hardening process for the first 45 days, the company tells MSSP Alert. As of November 2021, the company remained privately held.

19. Netsurion: One of the rare software companies that controls its intellectual property across SIEM, endpoint protection and SOCaaS. Netsurion is a Master MSSP of sorts that works with a growing list of MSPs and MSSPs.

20. NTT: The company’s SOCaaS is a “fully managed service that provides deployment, platform management, detection of cyberthreats, compliance reporting, custom use cases, dashboards and incident escalation playbooks,” NTT indicated.

Continue to page three for SOCaaS security companies 21-25 — along with companies that are no longer listed.

Return Home

11 Comments

Comments

    John:

    Great list! What are your thoughts about Silent Breach? We’ve been using them for a year now

    Joe Panettieri:

    Hi John: Thanks for the note. We’ve briefly mentioned Silent Breach once in our coverage, but I’m not an expert on the company. Are you affiliated with them?
    -jp

    Eric Brown:

    Great list Joe – saved me time!

    Joe Panettieri:

    Hi Eric: Thanks for your readership. We’ll try to update the list from time to time as companies move in (and out) of the market. I suspect we’ll see some consolidation throughout 2020…
    -jp

    Himanshu Shah:

    Great List will save lots of time for MSSPs seeking this information. Though, I represent Opticom Data Products Mumbai India. If you have some names to suggest operating out of India. Banks and FIs do not wish to send data to oversea cloud services.
    Btw, Thanks for the great information shared.

    Ankur Sharma:

    Hey Joe,
    Thanks for great list. Any Thought about A-LIGN (https://a-lign.com) – Founded by former “Big 4” executives and security specialists, A-LIGN is dedicated to making the security and compliance process as seamless and efficient by offering a one-stop-shop.

    Joe Panettieri:

    Hey Ankur: Thanks for your note. It’s been quite some time since I revisited this blog. I’ll see if we can do an update in the weeks ahead. Are you associated with A-Lign?

    Best,
    -jp

    Owen Allen:

    Hi Joe, if you are doing an update to the list for 2021, I’d be happy to connect you with the right folks at BlueVoyant to answer your questions. I am an employee of BlueVoyant. We are huge fans of the SOCaaS model.

    Joe Panettieri:

    Hey Owen: Thanks for your note and readership. MSSP Alert closely covers BlueVoyant’s business. Congrats on the milestones so far this year. I’m not sure if/when we’ll update the SOCaaS article. I know a few readers have asked us to do so. But I want to make sure a refresh would bring some fresh perspectives to the market. Stay tuned, and please keep the feedback coming.
    -jp

    Dennis London:

    I’m really curious what the definition is for a SOC these days. A few of the ones in this list are nothing more than SIEM operations and don’t actually perform any of the remediation or actions. They’re great at doing the analysis and then telling the service provider or customer what to do…but they don’t actually do any of the remediation.

    Joe Panettieri:

    Dennis: Great question. I think quite a few MSP- and enterprise-oriented SOCs spot the issue, but don’t resolve the issue. Hence, the continued need for MSPs, MSSPs & enterprises to hire forensic investigation teams post-incident. I know I’m super-simplifying the conversation and skipping a lot of deeper details. But I hope that provides at least some baseline context.
    -jp

Leave a Reply

Your email address will not be published. Required fields are marked *