SOC ANNOUNCEMENT ***SOC Detections and Analytics***
Incident Report for CyFlare
Dear Valued Clients,

Over the last several years, the SOC practice has continued to evolve based on daily happenings, your feedback, and industry best practice guidance. We have been investing heavily in our operations, systems and the much-anticipated ONE Converged Security Platform.

I am pleased to announce early access to CyFlare ONE Analytics that provides you with real-time insights into key low-tech, high-value metrics for your security monitoring services. This provides drillable analytics to break down detection volumes, Mean Time To Disposition, SLA adherence, Tickets, Analyst time, and other detection-related trends.

An essential component to realizing value from analytics is to understand exactly how the SOC processes detections from deployed security tools. Please be advised that unless explicitly stated, the following link identifies the specific use cases / detections that are monitored by the SOC based on the security tool deployed. Should you need a specific detection enabled, do not see a detection you feel is valid, or simply have a question about how the detection list works, please place a ticket with the SOC or contact your CSM.

The SOC Detections Details page is here:

You will also find that our security experts have mapped every detection to the MITRE ATT&CK Framework. This allows you to see which techniques and tactics the solution covers, and it also enables each detection to align to a specific investigation playbook.

With the SOC specifically identifying the detections we are monitoring for, it enables complete transparency on what to expect for investigations and total accountability when used in tandem with the analytics portal.

Analytics Portal Demo Link is here:

The analytics companion guide is here:

SOC ticketing portal is here:

SOC email to ticket:

Over the next 30 days, your CSM will reach out to you and provide access to your Analytics portal. We are eager to hear your feedback on this new capability. We have aggressive plans to incorporate data points from the rest of the SOC portfolio solutions, including vulnerability scanning and operational metrics (sensors deployed, traffic volumes, up/down status, etc.).

We appreciate your partnership and look forward to this next chapter as we evolve to offer the ONE Converged Security Platform.


Joe Morin
SOC | XDR | Master MSSP – Built For The Channel
A Top 100 Global MSSP
Posted Aug 03, 2021 - 14:00 EDT
This incident affected: Breach Detection Service.