As a managed service provider for cloud platforms, evoila GmbH has always focused on the possibilities of automation, which offers customers a competitive advantage through speed, scalability and focus on their core business. evoila is now consistently continuing this approach in the development of its Managed Security Services with a clear Cloud First approach. In doing so, evoila aligns its security portfolio with the clear trend toward multi- and hybrid-cloud scenarios in the IT infrastructure environment.
To extend its existing scalable and innovative log management based on Elasticsearch with SIEM functionality and detection mechanisms, evoila was looking for a suitable provider, and soon came across "SOC Prime". SOC Prime provides wide-ranging extensions in the form of content, such as detection rules, for all common SIEM systems on the market. The initial discussions with SOC Prime reinforced the impression of outstanding possibilities that fit perfectly into the existing evoila portfolio.
“With the Threat Detection Marketplace and the SOC Workflow App from SOC Prime, we have integrated a toolset into our Managed Security Service that allows us to massively reduce the mean time to detect (MTTD) of cyber attacks,” says Christoper Knöll, Head of Security at evoila GmbH. “The rules created and tested by SOC Prime and its large developer community allow us to map the latest attack vectors directly into our service,” Knöll continues.
“With our Managed Security Service SIEM, customers of any size benefit from the possibility to use security information and event monitoring (SIEM) without having to make large up-front investments,” says Johannes Hiemer, CEO of the evoila group. We also intend to participate in the SOC Prime Developer Program to actively develop the platform further.
“We are pleased to welcome evoila as a partner of SOC Prime and to form this strategic partnership between our two companies. evoila’s combination of portfolio and expertise puts us in an excellent position in the market,” said Joachim Kühne, Vice President Global Sales Strategy & Business of SOC Prime Inc.
“A partnership for more security – that’s what it’s all about!”
SOC Prime Threat Detection Marketplace
The SOC Prime Threat Detection Marketplace provides threat detection content created by incident responders for CISOs, SOC managers and analysts.
Key features of the SOC Prime platform are:
- Platform Support: Integration and enrichment of threat intelligence and attack information for platforms such as Elastic Stack, ArcSight, QRadar, Qualys, Splunk and Anomali ThreatStream.
- Marketplace: The Threat Detection Marketplace offers the most comprehensive content directly mapped to the MITRE ATT&CK attack techniques.
- Automation: Linking information from SIEM, Threat Intelligence, Vulnerability Management and APT scanners, so that a picture of the current situation can be created quickly.
- API integration: Content from threat detection streams covering over 215 techniques based on MITRE ATT&CK can be integrated via API.
Security Solution Competency
evoila GmbH always regards security as part of its overall consulting competence, not as an add-on. The focus is on Cloud Security: the protection of the services that evoila GmbH provides for its customers today in all areas of the cloud. In addition to consulting, evoila GmbH also offers comprehensive managed services in the area of cloud security.