RocketCyber

The RocketCyber Managed SOC Platform is a solution designed to provide advanced threat protection and managed security operations center (SOC) services for small-medium businesses (SMBs). According to the vendor, this platform caters to various professions and industries, including Managed Service Providers (MSPs), IT professionals, cybersecurity professionals, technology companies, and the financial services industry. The RocketCyber Managed SOC Platform offers a range of features and integrations aimed at enhancing cybersecurity defenses and mitigating the risks of cyber threats.

Key Features

Endpoint: According to the vendor, this feature allows for the monitoring and identification of security events across Windows, macOS, and Linux systems. It also includes the detection of breaches, malicious files/processes, and the ability to conduct threat hunting using third-party Next-Generation Antivirus (NGAV) solutions.

Network: The vendor states that this feature ensures network security through the monitoring of firewall and edge device logs. It also integrates with threat reputation, WHOIS, and DNS information, providing real-time monitoring of malicious and suspicious activities.

Cloud: According to the vendor, this feature safeguards cloud environments by monitoring Microsoft 365 security event logs and Azure AD. It includes the detection of malicious logins and monitoring of Microsoft 365 Secure Score.

Comprehensive Monitoring: The vendor claims that this feature allows for the monitoring, searching, alerting, and reporting on network, cloud, and endpoint log data. It covers security events across Windows, macOS, and Linux systems, firewall and network devices, as well as Office 365 and Azure AD cloud events.

Threat Intelligence & Hunting: According to the vendor, this feature provides real-time threat intelligence monitoring. It allows for the connection to premium intel feed partners and leverages the largest global repository of threat indicators. The vendor also claims that SOC Analysts can proactively hunt bad actors using this feature.

Breach Detection: The vendor states that this feature enables the detection of adversaries that bypass traditional cyber defenses. It includes the identification of attacker Tactics, Techniques, and Procedures (TTPs) and generates a forensic timeline of events. The vendor also claims that it can help deter intruders before a breach occurs.

Intrusion Monitoring: According to the vendor, this feature allows for the real-time monitoring and identification of malicious and suspicious activities. It includes the detection of unauthorized TCP/UDP services and backdoor connections, as well as the identification of connections to terrorist nations and Command and Control (C2) servers.

NextGen Malware: The vendor states that this feature provides the ability to utilize own malware prevention or leverage RocketCyber's command and control app for Microsoft Defender. It offers a secondary line of defense through the malicious detection of files, tools, processes, and more.

PSA Ticketing: According to the vendor, this feature involves SOC analysts investigating each alert and generating tickets to the PSA system. It provides remedy details and allows businesses to focus on operations without hiring additional security engineers.

Threat Detection Apps: The vendor claims that this feature includes an App Store with purpose-built detection apps for various cybersecurity use cases. It allows users to easily turn on preferred RocketApps without separate installations and provides actionable triage views and incident ticketing to the PSA system.