The ConnectProtect platform is a custom service powered by Microsoft Sentinel, functioning within the Azure cloud infrastructure as a comprehensive Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solution.

This platform is designed to enhance security operations by streamlining processes such as data collection, anomaly detection, response, and in-depth investigation.

Our platform allows for the integration of chosen data into workbook resources, providing capabilities that include visualising log data for clearer insight, detecting anomalies and triggering alerts to potential threats, undertaking thorough investigations into security incidents, actively searching for and identifying emerging threats, and automatically addressing and mitigating security events efficiently.

ConnectProtect stands apart from conventional security services by offering a suite of bespoke and integrated cybersecurity solutions, specifically tailored to the unique needs of your organisation. Unlike standard MSSPs, MSPs, or Managed SIEM/EDR services that provide generalised security measures, ConnectProtect delivers:

• Customised Rulesets based on your organisation’s specific needs and contexts.
• Bespoke Resource Allocation tailored specifically for your business.
• Universal Log Processing for comprehensive analysis and monitoring.
• Proprietary Protocol Development for innovative solutions.
• Expertise-Driven Responses by seasoned cybersecurity experts.
• Integrated Approach that seamlessly integrates with your existing IT infrastructure.
• Proactive Threat Intelligence for a proactive approach to cybersecurity.
• Customer-Centric Support offering personalised guidance.
• Compliance and Reporting for complete transparency and insight.
• Cost Efficiency by eliminating the necessity for multiple security tools and services.

ConnectProtect’s pricing model is tailored based on several key factors: the scope of assets covered, the consolidation and streamlining of rules, the specific services chosen, and the volume of data ingested into our solution. This approach ensures that pricing aligns with your specific security needs and data usage.

For a detailed breakdown and to discuss how this applies to your organisation, we invite you to book a call with our team.

ConnectProtect is designed to ingest any log source, provided it is human-readable and accessible via specific applications. This capability ensures that your entire IT environment can be monitored and protected, allowing for comprehensive visibility and security across all your systems and platforms.

Certainly, ConnectProtect can monitor endpoints either when the customer’s endpoint security solution is integrated with our system or when the customer opts to utilise our own solution.

Yes, ConnectProtect can identify indicators of lateral movement within your network by utilising behaviour analytics and leveraging Indicators of Compromise (IOC) data, depending on the information supplied to our solution. This enables us to effectively monitor and respond to potential security breaches that involve movement across your systems.

The location of your log data depends on your preferences and geographical location. In some instances, the data storage location may vary from the customer’s physical location, also influenced by Azure’s infrastructure and data center availability in your region.

Log data access is strictly limited to the ConnectProtect Team, SOC, and any personnel you specifically designate. We ensure rigorous access control to maintain the security and confidentiality of your information.

The extent of changes required depends on the service package selected. Generally, modifications are minimal, such as redirecting log outputs to an alternative server or deploying an endpoint agent. The most common adjustment involves setting up our log collector.

You are encouraged to conduct your own assessment of ConnectProtect’s system. We support this through options like a Proof of Concept (PoC) or Proof of Value (PoV). Should you wish to perform scans or other assessments, please coordinate with our team to arrange this at a time that suits you best.