SOC, Content

26 SOC as a Service (SOCaaS) Options for MSPs, MSSPs

Dozens of companies are introducing SOCaaS (Security Operations Center) as a Service-type capabilities for MSPs and MSSPs. The reason? Tens of thousands of small MSPs can't afford to build out their own SOCs. Plus, established MSSPs are seeking more ways to automate and scale their cybersecurity business practices. Key SOCaaS options for MSPs and MSSPs, listed alphabetically, include the following companies -- many of whom are also Top 250 MSSPs for 2021. Here's the lineup of various SOCaaS companies we've been tracking... Notes:
  • Blog timeline: Blog originally published in 2018. Updated regularly thereafter with new SOCaaS companies. Some companies have been removed from the list over time due to (A) business strategy shifts, (B) mergers and acquisitions and/or (C) company silence.
  • MDR service providers: Many of these companies also position as Managed Detection and Response security companies (see Top 40 MDR service providers list).
  • Whom did we miss? Email SOCaaS thoughts and leads to Editorial Director Joe Panettieri ([email protected]).
Related Webcast: SOCaaS for Small MSPs - Join Us

26 Security Operations Center as a Service Options for MSPs & MSSPs

1. Alien Vault from AT&T Cybersecurity: Roughly six months after AT&T acquired AlienVault, the parent company in March 2019 reorganized is cybersecurity assets into a new standalone business division. The strategy: Combine the AT&T Cybersecurity Consulting and AT&T Managed Security Services to form a new standalone division, AT&T Cybersecurity. Fast forward to present day. A lengthy list of MSSPs and MSPs leverage AlienVault Unified Security Management (USM) for continuous security monitoring, log management, and out-of-the-box compliance reporting. 2. Arctic Wolf Networks: A pure channel strategy emerged after the SOCaaS provider raised $45 million in Series C funding in October 2018. Fast forward to November 2021, and Arctic Wolf is preparing a potential IPO for 2022. Key relationships and/or integrations include ConnectWiseIngram  MicroSplunk and may others. Key Arctic Wolf Networks adopters include LDM Global and Secure Data Technologies. 3. Ascend Technologies: Acquired Infogressive, a well-known Master MSSP, in July 2020. Infogressive has been ahead of the curve assisting MSPs and other channel partners with risk mitigation and proper ransomware defenses. 4. Binary Defense: The company recently hired FBI veteran Randy Pargman as senior director of threat hunting and counterintelligence. Binary Defense also partners with Ingram Micro and Arctic Wolf Networks for an expansive SOCaaS solution. 5. BLOKWORX : In addition to educating and training partners, BLOKWORX provides white label SOC and Endpoint Defense Services to MSP partners. The company embraced a channel-only strategy in January 2018 6. Bolton Labs: The SOCaaS provider has been in acquisition mode -- buying Phylasso and Pandora Labs for cybersecurity technology and talent. 7. ChannelSOC: The AT&T Cybersecurity partner leverages AlienVault to provide white label SOC services to MSSPs & MSPs.  The services include setup, tuning, managing and monitoring the SIEM and vulnerability management -- through ChannelSOC's 24x7 SOC.  The company works with existing AlienVault partners that don’t have SOC operations, and partners that don’t have a SIEM or a SOC vendor.  ChannelSOC also provides Incident Response, Threat Hunting and other Forensic services. Related Webcast: SOCaaS for Small MSPs - Join Us 8. ConnectWise Security Operations Center: The MSP software company acquired SOCaaS businesses such as Continuum, plus Perch Security and Stratozen. Key partners include Fortinet, Netsurion, SentinelOne and Webroot. 9. Collabrance: Owned by GreatAmerica, Collabrance is a Master MSSP. The company in 2018 integrated security information and event management (SIEM) and vulnerability and penetration (VUL/PEN) testing into its master MSSP offering for partners. 10. Critical Start: The MDR provider strengthened its brand in 2021, and in mid-2019 raised $40 million to expand nationwide across the United States. The funding involves a minority investment from Sagemount, a growth equity firm. Critical Start's focus areas include a heavy partner emphasis. Continue to page two for SOCaaS security companies 11-20 Here's page two, featuring SOCaaS security companies 11-20. 11. Cyberhat: The company in April 2021 raised $15 million in Series B funding, led by Prytek, to expand its Cyrebro cybersecurity Protection to small and medium-sized businesses. 12. CyberSafe: The MSSP offers clients SOC-as-a-Service. The SOC is located in a Tier IV data center and consists of industry experts, 24/7/365. The company is actively inviting MSPs and MSSPs to join CyberSafe's partner program. 13. CyFlareThe company's SOC-in-a-Box provides breach detection and vulnerability scanning capabilities to MSPs. The company leverages Stellar Cyber for its SOCaaS capabilities. Related Webcast: SOCaaS for Small MSPs - Join Us 14. Delta Risk: Acquired by Motorola Solutions in September 2020. 15. Digital HandsThe company in July 2021 hired Kim Bilderback as its AVP of channel sales. Also, Digital Hands in July 2019 raised $15 million in private equity to accelerate its SOCaaS strategy for partners. Digital Hands provides the following managed security services through partners:
  • Managed Detection and Response
  • Managed Firewall.
  • Network Security.
  • Managed IDS/IPS.
  • Unified Threat Management.
  • Managed Endpoint Protection.
16. Flexis: The company provides both SOC and NOC services to MSPs and MSSPs. Flexis doesn't force customers to use its tools (in fact, Flexis doesn't develop tools). Instead, the company leverages best-of-breed tools that customers want. Flexis claims to be one of the few SOC providers that has deep infrastructure experience due to 10-plus years selling NOC services to MSPs. 17. ForesiteThe company in June 2021 hired NTT Security veteran Matt Gyde as its chairman and CEO. Around the same time, Foresite named Mark Behan as its SVP of operations. Foresite's core technology platform is ProVision, which spans:
  • Cyber Security as a Service (CSaaS): Delivers cybersecurity services aligned to an organization’s requirements
  • Managed Detection and Response (MDR): Provides threat hunting, detection and response services to help organizations eliminate cyber threats
  • Monitoring and Alerting: Offers network security monitoring, alerting and threat intelligence
Related Webcast: SOCaaS for Small MSPs - Join Us 18. inSOC: The company surfaced at DattoCon 2019 with a SOCaaS offering for MSPs and MSSPs. inSOC  since that time has quietly and steadily built its revenue with larger MSP clients in North America, EMEA and APAC, offering fixed cost access to an enterprise-grade Open XDR solution specifically built for MSPs/MSSPs to resell, according to an update that MSSP Alert received in November 2021. inSOC was an early adopter of Stellar Cyber, plus the company offers vulnerability management from Rapid 7; MSP-friendly reporting and 2/4/7 SOC monitoring; and a unique onboarding and hardening process for the first 45 days, the company tells MSSP Alert. As of November 2021, the company remained privately held. 19. Netsurion: One of the rare software companies that controls its intellectual property across SIEM, endpoint protection and SOCaaS. Netsurion is a Master MSSP of sorts that works with a growing list of MSPs and MSSPs. 20. NTT: The company's SOCaaS is a "fully managed service that provides deployment, platform management, detection of cyberthreats, compliance reporting, custom use cases, dashboards and incident escalation playbooks," NTT indicated. Continue to page three for SOCaaS security companies 21-25 -- along with companies that are no longer listed. Here's page three, featuring SOCaaS security companies 21-26 -- along with companies that are no longer listed. 21. Proficio: The Top 250 MSSP offers SOCaaS and has expanded into managed detection and response (MDR). Fully-managed SOC services provide 24/7 monitoring and response services, and co-managed or hybrid SIEM provides customers' cyber staffs with an additional layer of coverage. 22. Radar Cyber Security: The Radar SOCaaS strategy is described here. 23. SOCsoter: Best known as an MSSP, SOCsoter also promotes SOCaaS-type services via channel partners. 24. SKOUT: The SOCaaS provider to MSPs was acquired by Barracuda in July 2021. 25. Veronym: Better known for its Microsoft Windows, macOS, iOS and Android security tools, there are signs that the company is pushing toward SOCaaS. 26. Vertek: Launched in 1988, the company has evolved to offer managed SIEM and SOCaaS, and positions itself as a master MSSP to partners. Related Webcast: SOCaaS for Small MSPs - Join Us

SOCaaS Companies No Longer Listed Above

We originally published the list above in 2018 and updated it multiple times thereafter. Here are companies that previously appeared above, but are no longer listed: 1. CYBERShark: We're trying to determine the current state of CYBERShark, owned by BlackStratus. When we checked the company's website, we noticed that the account was suspended. 2. Infogressive: Acquired by Ascend Technologies in July 2020. 3. Perch Security: Acquired by ConnectWise in  November 2020. 4. StratoZen: Acquired by ConnectWise in November 2020.

More SOCaaS Options for MSP and MSSP Partners

Whom did we miss? Email thoughts and leads to Editorial Director Joe Panettieri ([email protected]).
Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.