Stackarmour

ThreatAlert – SOC and Compliance as a Service

stackArmor ThreatAlert™ is a fully managed Security Operations Center (SOC) and Compliance Service customized for public sector, healthcare, government agencies and government contractors with HIPAA, SOC-2, NIST Cybersecurity Framework, NIST SP 800-53, FedRAMP or FISMA based security compliance requirements. The stackArmor ThreatAlert™ service provides a fully integrated, end-to-end service that combines Security Operations, AI-Analytics, Threat Remediation and Compliance Reporting for regulated markets. Our approach aligns with emerging cybersecurity best practices such as SOAPA/SOAR that are increasingly covered by industry analysts like Gartner.

stackArmor ThreatAlert™ provides an end-to-end security and compliance service that goes beyond traditional logging, monitoring, alerting and Security Incident and Event Management (SIEM) to a more proactive threat hunting service. Our fully integrated Dedicated Security Operations Center (SOC) is staffed with AWS certified SecDevOps Engineers delivering incident response, compliance reporting and remediation assistance. stackArmor ThreatAlert™ is the only integrated cybersecurity end-to-end service for NIST, HIPAA, and GDPR compliant security services for public sector, commercial SaaS, government and healthcare organizations. The service is highly configurable and customized to allow for one-time security architecture review, vulnerability and penetration scanning or continuous monitoring & compliance.

Full-stack Cloud Security and Compliance As-A-Service

Active Threat Hunting and Incident Response Services

Effective cybersecurity means going beyond passive logging, monitoring and alerting, and requires active threat hunting, incident response and remediation. Our integrated security and compliance platform architecture covers the full stack, including Cloud, Containers, Data and Applications. We also provide integrated compliance reporting for NIST SP 800-171, NIST SP 800-53, HIPAA and GDPR compliance. It is an end-to-end solution that includes Security Operations, Analytics, Response and Remediation, delivered as a service for regulated markets with strong compliance requirements. The service includes dedicated SecDevOps Engineers and Analysts constantly monitoring and generating customized alerts, reports and remediation recommendations. stackArmor ThreatAlert™ is the only proven SOAPA and SOAR solution for regulated markets in public sector, higher education and healthcare markets.

 

Cost-Effective Security and Compliance Solution

stackArmor provides an end-to-end security and compliance service that helps organizations avoid having to hire expensive and scarce cybersecurity and cloud security experts. Our flexible consumption-based cost model allows organizations to get best-in-breed security services at a highly affordable price. We provide a full set of SecDevOps engineers and analysts who are certified and experienced in AWS engineering and operations support using AWS recommended security best practices contained in the Well-Architected Framework (WAF). We partner with our customers to provide a cost-effective and customized solution that addresses urgent and critical needs and that supplements and supports our customers’ security and compliance efforts.

 

Full-stack Cloud Security and Compliance Service

Comprehensive security coverage, including vulnerability management and penetration scanning of AWS cloud configurations, Docker containers, Cloud instances, Applications and Data integrity checks, plus malware and anti-virus scans, delivered in a single solution. Our continuous monitoring report provides coverage on major and critical security performance indicators. We meet the compliance requirements of all major security standards, including PCI-DSS, HIPAA, FFIEC, ISO 27001, FedRAMP, NIST 800-171 and FISMA.

 

Vulnerability and Threat Coverage Matrix

The stackArmor ThreatAlert™ coverage matrix covers the full stack and has been developed based on NIST, DOD DISA, OWASP, AWS and other industry best practices and standards. The table below provides an overview of the threats and vulnerabilities included in the service.

| Vulnerability Surface | Description | Frequency of Check/Scan |
| --- | --- | --- |
| AWS Cloud Configurations | This scan includes common misconfiguration and security best practices that are recommended for protecting data and access including VPC, IAM, S3, RDS and others. | Daily scan |
| Operating System | Scans and reports operating system and application server vulnerabilities based on NIST CVE scores. | Recommended at least monthly but could be more frequent |
| Docker Containers | Deep scan of container image for common vulnerabilities based on NIST CVE scoring using anchore.io | Recommended as part of the CI/CD pipeline |
| Operational Threats | Aggregated collection of findings from common AWS services such as AWS CloudTrail, CloudWatch, and GuardDuty for Account, Instance scanning and unauthorized access. | Continuous Scan |
| Data Files | Advanced intrusion detection to detect file integrity issues and report system intrusions. | Daily |
| Anti-Virus and Malware Scanning | Integrated antivirus engine for detecting trojans, viruses, malware & other malicious threats. | Daily |
| Custom Scans and Inputs | Specialized scanners and integrations with industry leading security solutions including Palo Alto Network, Splunk and Trend Micro amongst others. | Dependent on requirements |

The service is constantly being enhanced and augmented to cover new types of threats and vulnerabilities to provide highly responsive and updated security coverage.

Flexible Service Delivery Model

The service delivery model includes one-time cybersecurity architecture reviews, vulnerability and penetration scans or continuous monitoring based on customizable reporting requirements. The service delivery includes incident response with customizable alerts, reports and remediation consulting. The stackArmor ThreatAlert service can be deployed as a dedicated service within the boundary of the customers’ environment or delivered as a shared service to meet various business, technical and security needs. The pricing for the service is described below:

  1. stackArmor ThreatAlert (Dedicated Deployment Model)
    • Full-stack alerting and monitoring, small environment with fewer than 20 instances: Annual Subscription $36,000
    • Full-stack alerting and monitoring, medium environment with between 40-20 instances: Annual Subscription $48,000
    • Please send us an email to solutions at stackArmor dot com for large environments.

     

  2. stackArmor ThreatAlert (Shared Deployment Model)
    • Full-stack alerting and monitoring, small environment with fewer than 20 instances: Annual Subscription $28,000
    • Full-stack alerting and monitoring, medium environment with between 40-20 instances: Annual Subscription $38,000
    • Please send us an email to solutions at stackArmor dot com for large environments.

Contact Us for Free Consultation

Learn more about stackArmor ThreatAlert, contact us for a free consultation and ask for sample reports. Fill out the form to contact a stackArmor ThreatAlert Security Specialist.
