Talion/ What We Do/ Hybrid SOC & Collaboration Services

What We Do

Hybrid SOC & Collaboration Services

Enhance your security operations with our Managed Security Orchestration and Automation & Response (SOAR) service – a new kind of hybrid SOC. We also offer SIEM content development, bespoke playbook creation, automated remediation and cyber security staff augmentation.

Download Report

Total Transparency.
Shared Control.

Our suite of Hybrid SOC services allow organisations to retain as much or as little control over their security operations as they desire. Our Managed SOAR solution enables organisations to quickly benefit from an advanced orchestration, automation & response capability without the headache of deploying new tech and upskilling a team to realise its full potential. Our cyber security staff augmentation options mean we have your back when you need us most.

Invested in security tech but not getting the expected ROI?

BYOT (Bring Your Own Tech); our platform is technology agnostic and integrates with your technology, utilising orchestration and automation to maximise its value.

We help solve the
following problems:

Complex integrations and configurations create more work and result in increased risk to the business
Existing security investments are not delivering the expected ROI
It’s not cost effective for you to staff a SOC 24×7
Analysts must spend time pivoting across multiple security tools to get an understanding of the complete threat picture
Analysts motivation and job satisfaction suffers with a constant onslaught of repetitive, manual task

Managed SOAR

We bring simplicity to a complex problem. Disparate security technologies producing vast volumes of data overwhelm analysts, draw heavily on security engineering resources and distract security leaders. Our Managed SOAR service overcomes this challenge by integrating with your security technologies to provide a simple to use security management platform that gives comprehensive visibility of the threats facing your business and improves efficiency through a library of expertly crafted and tested orchestration, automation & remediation playbooks. This allows analysts to focus on what matters, freeing up engineering resource and allowing security leaders the time and space they need to think strategically about protecting the business.

What Is Managed SOAR?

Download

Managed SOAR is the hub of your security operations, it’s a single platform that bridges the gap between your disparate security tools, the data they produce and your visibility across your IT estate. Rather than working across multiple technologies such as SIEM, EDR and NDR, our platform unifies these systems so that your analysts have one single work bench from which they can detect, investigate and respond, with a complete picture of the threats facing your business. But this alone does not solve the problem, we layer over this a library of carefully curated playbooks to further enhance efficiencies, and as a Managed SOAR customer, you recieve custom playbooks designed, tested and deployed specifically for your use case on a monthly basis.

Your analysts utilise the same interface as Talion analysts allowing real time collaboration, investigation and remediation. Managed SOAR is more than just a technology platform, it’s a collaborative space where analyst can operate at their absolute best, utilising advanced playbooks to speed processes, improve consistency, remove human error and enrich security cases, meaning the analyst can make much better decisions, fast.

Our experience has shown that this reduces attrition, and improves efficiency, efficacy and ultimately job satisfaction within your security team.Managed SOAR offers the right combination of technology–yours and ours, integrations and road-tested orchestration, automation & repsonse playbooks, coupled with security expertise, which enables your security team to accurately prioritise the threats posing the highest risk to your organisation.

Read Less

Features

We are technology-agnostic, integrating a wide range of SIEM, EDR, NDR and other tools to deliver a real-time, single, centralised view of all threats facing your business

Managed SOAR integrates with your existing security technology stack

An expertly crafted & curated library of playbooks designed to improve efficiencies, remove human error, create consistant processes and automate mudance & time consuming tasks

Regular creation of custom playbooks to address client-specific use cases

Unified and normalised data for triage, investigation and response

Correlation and automation that spans all your security tools, leveraging expertly designed & tested playbooks and workflows

Collaborate within your in-house team or with Talion security experts to ensure you respond effectively and quickly

Push notifications to automatically remediate security threats with the click of a button

Discover More

Benefits

Our Managed SOAR service allows you to run your own SIEM and benefit from our advanced orchestration capability as well as our security expertise, without the need to implement new technology.

70% reduction in triage volumes

Benefit from up to 70% reduction in triage volumes without removing any actionable security alerts.

300% increase in time available for triage

Improve your security case handling with a 300% increase in time available for triage.

65% reduction in analyst resource

Reduce your analyst resources by up to 65%, whilst addressing the same level of security alerts.

Save time & reduce costs

Security alerts processed quicker, in minutes not hours, security cases resolved in seconds.

Advanced orchestration playbooks

Access all our playbooks, including any new playbooks created.

Automated Remediation

Resolve remediation actions with the click of a button.

How does it work?

Managed SOAR ingests alert data from your security technologies such as EDR, NDR & SIEM. It then acts as a centralised hub for analysing, correlating, processing, and consolidating your security cases. Managed SOAR leverages advanced playbooks designed, tested and curated by our expert team to provide the analyst with a much richer picture of what is happening across the estate, enriching cases, and automating mundane tasks so they can make better decisions more efficiently.

Once triaged by the analyst, Managed SOAR helps to automate the remediation of the security incidents, meaning your incidents are resolved fast. If Staff Augmentation is purchased alongside Managed SOAR, the customer’s security team can hand off to, or collaborate with, Talion Level 3 analysts utilising the exact same system, so information between the teams is complete and seamless.

Why wouldn't I just buy my own SOAR platform?

Talion began implementing SOAR technology over 4 years ago because we suffered from the same challenges many organisations do; alert overload, a desire to get more value from our existing SIEM, the need to expand our security monitoring coverage to include cloud and other emerging technologies such as OT and IoT and a desire to deliver a superior service to our clients.

Since implementing SOAR in our Security Operations Centre we have had a steep and steady learning curve as we became expert at managing, configuring and optimising the platform, which includes the art of writing effective playbooks (rules to run orchestration, automation & response) for a wide range of customers. Furthermore our team of 24×7 SOC analysts have become incredibly efficient and effective at leveraging the platform. With Managed SOAR you can immediately benefit from this expertise without spending the time and money to get their on your own.

What makes Managed SOAR different from MDR?

With Managed SOAR the customer can own and manage their own SIEM, EDR &/or NDR tools. We take feeds from these tools to provide an additional level of orchestration and automation over and above what the customer’s existing technology stack can offer. With MDR, Talion tend to own and manage the SIEM platform and can also offer Managed EDR and Managed NDR.

It’s really down to how much technology you want to manage and if you want your in-house analyst team to get involved. You can stay 100% in control, or, you can give some, or all of the job to us. It’s a sliding scale between Managed SOAR and a fully outsourced MDR.

Managed SOAR is accessed via a user-friendly interface covering 3 key components:

View

Your data, demystified

Collaborate

Side-by-side support

Control

Built around you

Managed SOAR is accessed via a user-friendly interface covering 3 key components:

Cloud-based dashboards

Whether you’re interested in operational KPIs or reporting to senior management, login at any time to our cloud dashboard to get a unified view of all activities and insights generated by our security analysts.

Ask our level 3 analysts

Sometimes you can do with outside expertise, Managed SOAR allows you to chat with our L3 analysts, our most experienced cyber experts. You may have a simple question or a full security incident briefing. You can then easily approve or reject recommended remediation actions.

Total transparency, complete control

With this unrestricted view you maintain control of your security, whether that’s making decisions on remediation actions, or having visibility of all your security incidents and the information that relates to them.

Cyber Security Staff Augmentation

In 2020, 85% of SOC employees rate the pain of working in their organisation’s SOC as painful or very painful. Of these respondents, 80% said the primary reason for the pain is that an increasing workload causes burnout. This results in an average of three analysts resigning or being fired every year.

Furthermore only 38% of security leaders say their organisations have a high ability to hire the right talent for their SOCs. 75% of security leaders agree that SOC analysts burn out quickly because of the high-pressure environment and workload.

With Talion’s Cyber Security Staff Augmentation, we’ll take away that burden.

Read Less

Security expertise on demand

We have been running Security Operations Centres since 2012, when, as BAE Systems, we were asked by the UK Government to protect a major global sporting event. Since then we have been building our team, our processes and our expertise, honing our skills in security operations. We select only the most passionate and committed security experts for the team, all of whom are driven to further improve their skills and provide first class security analysis of suspicious events. This isn’t just a highly skilled team of security analysts, we also run a dedicated detection content development team and a team specialising in Security Orchestration, Automation & Response playbook design.

With Talion’s Staff Augmentation you can benefit from experienced security experts as and when you need them without committing to permanent employees.

We offer the following options:

On-Demand Analyst for burst capacity on retained or requested staffing Weekdays 8am-6pm
In-Hours Analyst Weekdays 7am-7pm
Out of Hours Analyst Mon-Thurs 7pm – 7am, Friday 7pm- Monday 7am, plus Bank Holidays
Always-On Analyst 24×7 Analyst coverage

* Ponemon Institute Second Annual Study on the Economica of Security Operations Centres: What is the True Cost for Effective Results? January 2021.

Read Less

Testimonials

Don't just take our word for it.

Senior Director – Security Operations - Talion

Talion’s model is based on people and partnership and not just technology… We spoke with others who aspired to this, but it simply wasn’t what they did; they had a much greater focus on dashboards and alerts. In contrast, the people at Talion told us: ‘We’re here when you need us – just pick up the phone. We can meet weekly, monthly – whatever works for you. We’re here to help.’ It was hugely important for us.

Senior Director – Security Operations

One of Britain’s Largest Technology Companies

Director of Information Security and Risk - Talion

Talion have been a fantastic partner to work with and I really see them as an extension of our team. Having the skillset and agility of a growing organisation but the talent and capability of a much larger organisation from which they were formed, BAE Systems, has proven a great combination. The team work hard to continuously demonstrate and add value to their customers and are always receptive to feedback.

Director of Information Security and Risk

One of North America’s largest providers of funeral and cemetery services

CEO – Large UK Telecommunications Company - Talion

This is a sort of cyber security arms race. Criminals are learning to do new things. One of the first calls I made on Wednesday was to Talion.

CEO

Large UK Telecommunications Company

At every level, [the team] gave us quantitative, analytical advice, in the moment, … [You] enabled us to take the business judgements that cyber security requires you to take.

CEO

FTSE 250 Company

Awards &
Accreditations

Talion are pleased to have been credited and shortlisted for awards by key industry organisations, including Cyber Essentials, Forbes Technology Council, and SC Awards Europe. This recognition is a testimony to the services Talion continue to offer to businesses worldwide.