SenseOn Service Packages
3 service packages to suit all of your needs, whether you already have an established SOC team or not.
What SenseOn offers
| PLATFORM | SENSEON 24/7 | SENSEON RESILIENCE | ||
|---|---|---|---|---|
| Perfect for those with established SOC teams who require minimal assistance. | Perfect for those who need to be supported at all times, even at 4AM. | Perfect for those with advanced security needs who need us to go above and beyond. | ||
| Automated alerting | X | X | X | |
| Remote support | X | X | X | |
| Live chat support | X | X | X | |
| Threat alerting 24/7 | X | X | ||
| Quarterly executive reporting | X | X | ||
| Case management | X | X | ||
| Zero-day threat review | X | X | ||
| Live incident response | X | |||
| Forensic incident report | X |
Service definitions
-
SenseOn will alert customers when the SenseOn technology detects Critical (see table below) level threats in their environment. These automated notifications will be sent via email to a list of emergency contacts provided by the customer.
-
Remote support is available to all customers at varying levels. Remote support for customers with a SenseOn service package includes incident advice, guidance, hunt query assistance and creation and product support. Customers with a SenseOn service package are able to reach out to the SenseOn Support Team via the support phone number, email or live chat. Should the incident be deemed critical, all efforts will be made to provide immediate assistance. All other incidents will be dealt with in a timescale relating to the perceived risk of the incident (see service level response times below). Customers who have a platform only service are able to reach out to analysts for guidance and product support via email which will be dealt with in line with the agreed service level response times.
-
In the event the SenseOn technology detects a priority alert (high or critical), SenseOn analysts will be notified. All priority alerts will be investigated by SenseOn analysts. Should the alert be deemed to be urgent, SenseOn analysts will reach out via the agreed customer escalation path informing the customer of the alert triggered, analysis and any recommended actions.
-
With support from the SenseOn Customer Success Team, customers who opt for a SenseOn service package will receive quarterly reviews which include a Cyber Threat Report including management data, cases insights, market insights, trending behaviour and areas of improvement
-
SenseOn understands the importance of platform management enabling focus to remain on anomalous activity. If required, SenseOn will close any high or critical alerts once investigated if deemed to be false positives.
-
SenseOn analysts will review analytics and logs inline with the latest critical zero day threat against correlated logs against your estate.
-
SenseOn incident responders remotely remediate or mitigate threats identified on your estate on your behalf. This minimises any threat of business disruption by stopping and eliminating live attacks in real-time. See Resilience Service Description for further information.
-
Following a critical incident, SenseOn provides a highly-detailed ‘Detection In-Depth’ report.
* Restricted to platform data, analytics, logs, and available IOCs.
Additional features and services
Reflex
Reflex is SenseOn’s automated response against Ransomware threats such as Lockbit, that often spread too quickly for manual/human intervention. Utilising multiple detection techniques, Reflex is capable of automatically and rapidly isolating an endpoint or endpoints, quarantining malicious activity and Ransomware strains from spreading.
Reflex can be configured in 2 response mechanism:
1. Automated (Recommended) Hosts will automatically isolate
2. Manual - A Critical case will be created and hosts will need to be manually isolated
Microsoft 365 integration
Integrate the Microsoft 365 tenant with SenseOn to receive security alerts relating to all Microsoft and third-party applications in a single platform.
Alerts will correlate with SenseOn detections and provide additional context to a threats.
Google Workspace integration
Integrate Google Workspace with SenseOn to receive security alerts relating to Google and third-party applications in a single platform to provide additional context to threats.
Active Response
Make your cybersecurity and IT teams’ lives easier by empowering them with a 360 Python-based remote access system for endpoints. Easily detect and remove malicious files directly from an affected device, or isolate a breach to prevent attackers from causing more damage to your environment.
AWS Security Hub integration
Integrate your AWS tenant with SenseOn to receive security alerts and third-party applications alerts in a single platform to provide additional context to threats.
Azure Sentinel integration
Export SenseOn data to your Sentinel SIEM via our webhook to receive SenseOn cases in a single platform
Endpoint Protection (EPP)
SenseOn’s Endpoint Protection (EPP) emerges as a beacon of innovation and security to protect all of your endpoints from malware, breaches, and attacks.
SenseOn Connect
Leverage SenseOn Connect for enhanced workflow integration, cross-tool relevance, and workflow automation through bidirectional integration with 3rd-party ITSM tools.
Find out what SenseOn can do for you.
We’re available 24/7
SenseOn understands that when there are issues or questions, the ability to quickly talk to someone is pivotal. That’s why to simulate the same relationship as you have with internal colleagues, SenseOn provides all Service Pack customers 24/7 Live Chat functionality on top of the usual email and phone. Our Live Chat feature is built into the platform and with a click, you can start chatting with the SenseOn Security Analysts (we’re not bots, we promise!) or with the SenseOn Customer Success team. Our teams are available 24/7 to help with triage, build custom scripts and queries, provide guidance and help answer any other questions you may have.
Arrange a demo
Discover how our unique platform combines the capabilities of EDR, NDR, SOAR, SIEM, and AV into a consolidated cyber defence system.
Reduce workload without compromising defence
Complete end-to-end visibility
Automate response and remediation