The Critical Start Risk & Security Operations Center (RSOC) provides 24x7x365 security monitoring, investigation, and response through our MDR services. We take on the complexity of cybersecurity to simplify your daily operations.
Whether you are looking to expand the capacity of your SOC, optimize the efficiency of your tools, or mitigate risk, our team of experts stands ready to extend the detection and response capabilities of your cybersecurity operations 24x7x365 through real-time monitoring, rapid investigation, and proactive response with full-scale, complete alert resolution.
The Critical Start RSOC delivers fully transparent MDR services and provides response actions that fit your organization’s risk profile and security guidance to continually increase your security posture—all while guaranteeing 10-minute notifications for Critical alerts and 60-minute or less Time to Detection (TTD) and Median Time to Resolution (MTTR) SLAs on every alert, regardless of priority.
We never stop learning
Critical Start RSOC analysts are provided 300+ hours of training when they join the team, proctored by senior analysts who teach the skills, knowledge, and toolsets needed to lead the industry.
An 8-week intensive training program is required for all new hires
Analysts are trained on all EDR, SIEM, and XDR tools we integrate with
Analysts have 10 hours set aside every 2 weeks for ongoing training, including post-exploitation investigations, malware reverse engineering, and security engineering
We resolve every alert
We provide managed detection and response 24x7x365, including holidays—somebody is always in the room with eyes on the glass.
10-minute notification for Critical alerts and 60-minute or less MTD and MTTR SLAs for every alert, regardless of priority
If defined in our operating terms with your company, our analysts can isolate a compromised host, or block or allow network connections to the endpoint based on the domain or the URL
We provide comprehensive protection
We maintain the latest certifications, including CompTIA A+, Security+, Network+, Advanced Security Practitioner (CASP+), and Cybersecurity Analyst (CySA+)—just to name a few.
Analysts can create detections using tools such as Microsoft Defender for Endpoint to query the console and create new alerts that don’t come pre-built into the product
2-person integrity for all investigated alerts to ensure quality control for every customer