Endpoint Detection & Response (EDR)

UK Based Security Operation Centre

The Sapphire SOC is based in the UK for both operations and storage of security data. Both our SOC and data centre are built on a fully redundant and highly available architecture to ensure zero data loss and continual service operation. Customer data is secured in our Tier 4 datacentre and compliant with ISO 27001, Cyber Essentials+, PCI DSS, CSA Star, ISO14001 and ISO9001.

Expert Cyber Security Analyst Team

Sapphire’s Managed EDR service gives the best insight into new, emerging, known and unknown threats on endpoints. Detecting threats early and remediating before threats can take hold reduces time to respond to real threats to any business.

Our team is experienced in multiple technical disciplines. Our analysts are further supported by our SOC Manager and a 24×7 Helpdesk team, as well as comprehensive premium support from technology providers. Analysts are accredited and certified with each technology provider to ensure the best possible service for our customers.

Global Incident Response Integration

We provide a Global Incident Response (IR) service to enhance our ability to support customers at a time of critical attack or compromise. We integrate global threat intelligence data into our SOC, giving analysts an enriched view of existing, new and emerging threat actors and attack vectors on a minute by minute basis. Customers benefit from understanding how threats detected within their local environment relate to a global view.

Integration with Enriched Threat Intelligence Sources

Our SOC provides a range of additional managed security services such as vulnerability management and Managed SIEM services. Managed EDR customers can benefit from this, as threat intelligence curated from these services is shared with our EDR service.

Root Cause Analysis

Our Analysts will use our Managed EDR tools to examine threats for root cause, considering the threat vector, protocols, known bad actors and threat intelligence data to determine how threats have manifested and caused security incidents. This information is included as case evidence and shared with our customers.

Threat Hunting

The Sapphire SOC provides a range of mitigation responses to clients to ensure known and understood threats can be quickly contained or eliminated through either automated or manual response functions.

Rapid Response

Reacting quickly and effectively to cyber security events is critical to protecting the business. Our Managed EDR accelerates threat detection and response times using expert analysts. Our team operates 24×7, backed by the latest threat intelligence and machine learning capabilities available in the industry today. We help identify and mitigate risk in record time.

Visibility & Control

Threat Prevention

• Stops all malware attacks
• Unique behavioural approach to stop unknown attacks
• Complete ransomware protection
• Online & offline protection
• Windows, Mac, Linux support

Detection & Response

• Visualise every stage of an attack
• Uncover root cause in minutes
• A comprehensive picture of endpoint activity
• Easily search and investigate endpoints and fix issues

Advanced Threat Visibility

• Capture all endpoint activity
• Visualise the attack
• Identify root cause
• Aggregate custom threat intel
• Minimise resource impact

Proactive Threat Hunting

• Stop advanced threats
• Automate the hunt
• Reduce the attack surface
• Integrate defences
• Leverage community experts

Rapid Response

• Isolate infected systems
• Ban malicious files
• Collect forensic data
• Remotely remediate devices

Fully Managed Service

• 24×7
• Integrated Threat Intelligence to enrich customer data
• Monthly reports
• Expert Analysts and Threat hunting reducing MTTD/MTTR