The Watch service is an additional service from SecWise for customers who have already reached a certain maturity level in terms of security, and want to continuously follow up and monitor their online security. Through their managed security operating center (SOC), SecWise provides a proactive approach, monitoring, and quick handling of possible incidents. Lowie Daniëls works as a cloud security analyst within SecWise’s Watch service, and explains below what you can expect as a customer.

The Watch service also gives customers the ability to be proactive about their digital security. The service is completely cloud-based, and there are several reasons for that. First, the cloud allows you to set up your SOC infrastructure in a targeted way, which allows you to be more cost efficient. As a customer, you only pay for the storage you need at the time. In addition, there is also no expensive infrastructure investment required before you can get started. Everything in the cloud is also scalable. If you grow as an organization, your cloud transforms effortlessly along with it.

A third important point is that thanks to Microsoft’s cloud environment, you can also use their standards, so as a customer you can be sure of the best possible configuration. To do this, Microsoft uses encrypted data (threat intelligence) from other cloud environments and specifically cybersecurity data sources. Important to note here is that no data from your company can be publicly shared or accessed. The shared data does allow the Microsoft suite of Defender tools to evolve much faster compared to other security vendors/tooling. As a result, our SOC is always armed against the latest threats.

Finally, in the cloud, you can leverage more than 200 different tools and cloud services offered by Microsoft. This allows us to automate investigations for our Watch service, speed up preventive or response actions, manage customer environments remotely, and actually optimize our service continuously. By working in the cloud, you also have the opportunity to eliminate downtime and be sure that your services continue to run day and night.

Customized security

Before you as a customer can join our Watch service, you must have achieved a certain maturity level in terms of security. A connection therefore often follows an earlier trajectory such as the Defender XDR trajectory. New customers who come to us for advice have often recently been the victim of an attack. Or they work with sensitive data and want to know whether their security is strong enough and/or needs to be improved.

To find out where your organization stands in terms of security, we first need an intake interview and assessment. Then we discuss with you the next steps. The Watch service consists of several components. To make it work properly, we start by building a new infrastructure in your cloud. That infrastructure works with Microsoft Sentinel SIEM to both detect threats or attacks and proactively close possible gaps in your defenses.

Then we turn our gaze to user accounts, and start securing them. This is a simple intervention that can already avoid many problems. Because not every organization shares the same concerns, our Watch service is scalable and tailored to your business. So you choose what you emphasize. From workshops with your employees, to 24/7 reachability, or training around phishing emails.

Reports

With the security landscape changing at lightning speed, every day you run the risk of new vulnerabilities popping up, or attacks happening. To ensure that organizations are aware of possible threats, we provide our clients with a monthly report containing our recommendations and findings. There is also a quarterly meeting in which we go deeper into potential attacks that we have repelled and recommendations that are suggested for each domain.

But we also go out on our own as a team to look for vulnerabilities in your digital security. If we find such a potential threat, we first write a detection code. This is easy and fast because Microsoft uses a proprietary Query Language that allows us to perform analysis on large amounts of data in a uniform way. This way we can be sure that we can detect and stop problems quickly. Then we look for the cause and solution to ensure that no new threats can arise. In doing so, we also get help from Microsoft itself.

As a team, we are also part of the Microsoft Private Community where we give feedback on the new toolings it launches. Because we are a Microsoft Gold Partner in the area of security, the lines of communication between Microsoft and us are very short anyway. This allows us to guarantee our customers the best care.

Our Watch service is scalable, available 24/7, and is built to fit your organization. That makes them accessible to both small and large companies from different sectors. Are you also curious about what SecWise can do for your organization? Then contact us via this form.