Automated and audited process integrated into the MDR provider’s Zero-Trust Analytics Platform ensures the quality and consistency of security alert analysis in full view for customers
Plano, TX – February 7, 2019 – CRITICALSTART, a leading provider of cybersecurity solutions, today announced SOCReview™, the world’s first automated and audited process for measuring the subjective nature of security alert analysis. Committed to full transparency for its Managed Detection and Response (MDR) service, CRITICALSTART’s SOCReview takes it to the next step in “radical transparency” by integrating quality control and two-person integrity directly into the Zero-Trust Analytics Platform (ZTAP) that powers the company’s MDR services for hundreds of enterprise and mid-sized customers.
Historically, Managed Security Services Providers (MSSPs) have touted policies or service level agreements around forwarding security events to customers in less than five minutes. In a cybersecurity market overrun with alerts and a shortage of qualified staff, forwarding events does not deliver the real value of careful investigation and simply shifts the analysis burden to customers. MDR services replace the legacy MSSP approach by investigating security events and providing the analysis needed to properly respond. However, real analysis is subjective, requires human judgment and takes time, raising questions for customers about their quality and efficacy if hidden behind the typical “black box” MDR approach.
CRITICALSTART is the only MDR provider that recognizes the importance – and subjective nature – of human analysis and created SOCReview to add a layer of quality assurance with full customer transparency. Based on machine learning technology, SOCReview samples a subset of alerts for review and scoring based on the quality and completeness of the investigation and then automatically adjusts the number of alerts reviewed per analyst based on their ongoing analysis scores. In addition, all automation playbooks created or modified to eliminate false positives require a second analyst to conduct an audited review that is available to our customers.
“One of our founding principles is that customers come first, so SOCReview is another example of our ‘radical transparency.’ We provide MDR customers access to everything we do, so they can verify the high quality of our services,” said Rob Davis, CEO at CRITICALSTART. “As a high-growth, independent MDR, we are not beholden to outside investors or boards and can take the time to invest in our SOC personnel, SOC technology automation, and continuous DevOps improvements that add value and make our customers more secure.”
CRITICALSTART makes significant investments in its SOC team to maintain the industry’s highest level of expert security analysis and recommendations. Each of the company’s SOC analysts receives 160 hours of training before they ever work in a customer’s environment as well as 40 to 80 hours of additional training each year. As a result, CRITICALSTART’s MDR service grew more than 300% last year and maintains a 99% customer retention rate.