HP Enterprise Security Products (ESP) will supply key technology for SOC-in-a-Box clients, and Carlo Minassian, earthwave's founder and CEO, said the earthwave/HP solution allowed service providers, large enterprises and government to deliver their own security operations centres in a 'fraction of the time of a typical implementation.'  

'As more businesses and service providers have become aware of the scale of data theft and system breach in their environments, many have found that they need the ability to detect and respond in a timely fashion but face the extremely long lead times and considerable costs associated with establishing their own SOCs.'

'Market need drove this.  Clients began asking us to help them build security operations centres in-house even though we were initially there to deliver an outsourced solution. We saw increasing demand on the back of failed in-house SIEM (Security Information and Event Management) deployments that did not deliver,' Minassian added.

Minassian said that the offering, called SOC-in-a-Box, allowed earthwave to equip clients with a modular framework for a best-in-class Security Operations Centre, 'which to a large extent can simply be a reallocation and repurposing of existing company resources.'  'The blueprint, which has taken earthwave 12 years to develop, can effectively fast track SOC implementation for almost any organisation.'

According to Minassian said that many companies and organisations 'start the SOC journey not knowing how much it will all cost or how long it will take to be up and running and certified.'  'It is only when you detail all of the elements that go into building a SOC that you realise the scope and complexity.  Deployment of a SOC typically takes three-to-five years, but with SOC-in-a-Box we are now able to deliver in less than a year.'

 'It was natural to partner with HP given that a foremost analyst named HP the leading global security vendor and named us the leading APAC Managed Security Services Provider,' Minassian explained.

'Together we are able to deliver something that meets a real and urgent need. Given the rise of personal devices in the workplace, which jeopardise networks, and the continuing surge and sophistication of state-sponsored, group and individual hacking, the organisational need for SOCs that are truly secure has never been more urgent.'  
 
'Inherent in the earthwave SOC-in-a-Box are technology solutions from HP Enterprise Security Products, including the market Gold Standard for SIEM, HP Arcsight.  The products form a part of the SIEM Solution Design and Development, Log and Event Source Management, Security Operations Development, Use Case Content Development, and Compliance Reporting deliverables,' said Chris Poulos, General Manager HP Enterprise Security Products.

Minassian emphasised that SOC-in-a-Box is scalable and can be backed by as little or as much of earthwave's customer support service portfolio as needed.
 
'As part of the service, we sit down with the client and define the initial mission parameters.  What do they want to achieve? What do they currently have in place that we can use?  And where are the gaps?' he said. 'Even though SOC-in-a-Box can serve as the complete package, customers don't need to buy the entire package, they can buy elements of it.'

Minassian said that while earthwave will continue to provide its fully outsourced security operations centre, SOC-in-a-Box gives clients the opportunity to take advantage of a hybrid co-sourced model.  This co-sourced model could, for example, engage earthwave as a provider of after-hours detection capability and response.
 
'In other words, if a client wants to scale up to a fully self-sufficient, in-house SOC, but they're just not there yet, earthwave can step in to fill the capability and resources gap,' Minassian said.
 
Minassian also said that earthwave complements SOC-in-a-Box with sales enablement tools for service providers seeking rapid time-to-market, with all of the service datasheets, contracts, presentations, pricing, and ongoing sales and technical training required to address the market.
 
SOC-in-a-Box can also include ongoing subscriptions to 50+ global threat intelligence feeds as a result of its Threat Intelligence Alliance (TIA), detection feeds, threat management content updates, portal updates and ongoing development.  The offering can provide comprehensive security device management, real-time threat analysis and incident response, reporting, vulnerability management, threat intelligence, security assurance, regulatory compliance, and a branded security portal.
 
'Among many other capabilities, earthwave has the ability to track intrusions right to a hacker's house and do it in real time,' Minassian said. 'The complexity and responsiveness of our Managed Security Services is eye opening stuff for our clients.  These security proficiencies have been nurtured from the ground up and can't simply be replicated.  What's exciting about SOC-in-a-Box, however, is that we have found a way to share this powerful knowledge with organisations, saving them money and time and giving them security confidence.'