“The point of SOC.OS is not to act as a detector or a trigger, it exists to filter out the noise. It’s easy to set up; just throw your security logs at it and it will show you where to spend your time looking. It looks across time and space and points out the things that need attention, thus the few staff you do have on site don’t waste time chasing down false positives.”Jon G.
Systems Support Engineer, Gentoo Group
“Our journey with SOC.OS started while it was still a concept for a tool to help triage alerts across multiple source systems. It’s been great to be able to feed back to the team and see features arrive reflecting my desires. The product has matured to a touchpoint which enables us to quickly maintain oversight across the environment and focus where our attention is needed.”Chris S.
Information Security Manager, Natural History Museum London
“Now we can track threats on specific systems by utilising the tagging functionality within SOC.OS, which helps us filter alerts based on specific and interested business assets (such as a specific IP address). One example of where tagging was helpful was when a user unintentionally downloaded malware and due to the sheer volume of alerts it was hard for us to identify the threat quickly. With SOC.OS, being able to easily filter all alerts based on specific business context enabled us to identify the threat on the machine and take swift remediation action.”Suzanne E.
Cyber Security Manager, University of Sussex
“What I really like about the SOC.OS team is the energy, knowledge and passion for the product. We have been very pleased to be one of the early adopters and to see the fast evolution of a great product.”Cecile D.
IT Director, The Dune Group
“Premier Oil looked at the current leading Gartner SIEMs and realised very quickly, as a medium size corporation, we lacked manpower and time to implement them. The investment of time we would need was just infeasible with traditional market leaders.
Fortuitously, as we started looking for alternatives, SOC.OS appeared over the horizon with their exciting new capability; allowing us to incrementally evolve and improve at our own pace. The integration of existing sensors and monitoring gives Premier Oil clear, concise and simple visibility worldwide through correlating of our network, server and end point events; whether current events or historic timelines.
The continual evolution of SOC.OS and its nascent capabilities is exciting and hugely beneficial, something Premier Oil is glad to be party to, as more and more data and events are drawn into the system, improving both the depth and breadth of Premier Oil’s cyber security.”Vince M.
Group Information Security Manager, Premier Oil
“Having a product like SOC.OS that analyses and correlates events, clusters them with threat scores, timelines, and detailed threat explanations helps to reduce the resource we have to expend to monitor our security logs. The other great thing about SOC.OS is the active co-development approach integrating existing customers’ experiences and wishes.”Oliver H.
Head of Central Computing, UK Atomic Energy Authority