CISA Indicators of Compromise

2021
Press Release

SOCSoter Adds New CISA Indicators of Compromise to Managed Cloud SIEM Platform

In response to Indicators of Compromise (IoC) identified in the recent SolarWinds/Microsoft 365 breach, SOCSoter has implemented these IoCs into its Managed Cloud SIEM cloud monitoring tool. While the indicators found in the Cybersecurity and Infrastructure Security Agency (CISA) tool are helpful as a handy status check, the tool only provides a historical view of the environment from a forensic perspective.

By ensuring these same CISA controls are in place in the Managed Cloud SIEM (MCS), SOCSoter is ready to provide continuous coverage on malicious activity in the M365/Azure ecosystem. The “always on” monitoring of the Managed Cloud SIEM, coupled with the insights provided by CISA, goes a long way to enhance the protection of organizations employing M365/Azure.

The Managed Cloud SIEM platform from SOCSoter implements automated threat intelligence and built-in security rules, adding data enrichment that highlights signs of potential malicious activity. The Managed Cloud SIEM is also backed by a US-based, 24/7 Security Operation Center (SOC). SOCSoter’s team of certified SOC analysts is always on hand to investigate alerts and assess their threat level. If a critical threat is identified, the analysts can quickly take action.

The Managed Cloud SIEM platform and all of its integrations are offered exclusively through the Managed Service Provider (MSP) channel.  All API integrations (including the M365 integration) offered through the Managed Cloud SIEM platform are available on an “all-you-can-eat” basis; in other words, unlimited API integrations for one low monthly price.

The complete SOCSoter SOC-SIEM suite of products allows SOCSoter’s SOC analysts to dive into network, endpoint and cloud data, leveraging threat intelligence, emerging threat techniques and the MITRE ATT&CK framework to determine if malicious activity is taking place anywhere in the customer’s environment.