SOCSoter and Compliance
SOCSoter’s comprehensive cybersecurity platform is focused on providing a more complete view of the business network, cloud infrastructure, and individual endpoints. Coverage areas include; Network Monitoring / SIEM (SMA), Cloud Applications Monitoring (CMA) and Endpoint Protection with vulnerability monitoring (EDR/EVM). These services, paired with a 24/7 security operations center help business groups meet or exceed various compliance obligations, regulatory, and supply chain demands, such as:
- CMMC
- NIST 800-171
- ITAR
- HIPAA
- ISO 27001
- FINRA
- GDPR
- NYDFS
- and more
A complete services portfolio; The SOCSoter platform is designed from the ground up to address increased cyber risks and strengthening regulatory requirements, while being in compliance with those same requirements.
Services Profile Summary:
- Our 24/7 Security Operations Center (SOC) is located in western Maryland, USA.
- All SOCSoter employees are US citizens and go through extensive background checks.
- SOCSoter services are deployed in AWS FedRAMP infrastructure
- Detailed here: https://aws.amazon.com/compliance/fedramp/
- Specific SOCSoter services can be deployed in AWS GovCloud as an enhanced service selection chosen at time of order.
- GovCloud services can be validated via GovCloud-validated IP address like: ec2-xxx-xxx-xxx-xxx.us-gov-east-1.compute.amazonaws.com.
- AWS GovCloud gives us the ability to deploy our services into architecture that complies with the FedRAMP High baseline; the DOJ’s Criminal Justice Information Systems (CJIS) Security Policy; U.S. International Traffic in Arms Regulations (ITAR); Export Administration Regulations (EAR); Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4 and 5; FIPS 140-2; IRS-1075.From Controlled Unclassified Information (CUI), Personally Identifiable Information (PII), sensitive patient medical records, and financial data to law enforcement data, export controlled data and other forms of CUI, the SOCSoter Cloud SIEM deployed into AWS GovCloud (US) helps our customers address compliance requirements.
- SOCSoter does not have direct access to, process or store protected information such as:
- Controlled Unclassified Information (CUI)
- Personally Identifiable Information (PII)
- Intellectual Property (IP)
- Electronically Protected Health Information (ePHI)
- Our EDR is FIPS 140-2/3 validated.
- The certificate can be found here: https://cloud.google.com/security/compliance/fips-140-2-validated
SOCSoter is a CMMC-AB Certified Third Party Assessor Organization (C3PAO) candidate and has CMMC-AB Registered Practitioners (RP) on staff.
Our staff hold the following certifications:
- CISSP ® – Certified Information Systems Security Professional
- ITILv3
- CompTIA A+, Network+, Security+
- C|EH Certified Ethical Hacker
- C|SA – Certified Security Analyst
- EC-Council – Licensed Penetration Tester
- Global Information Assurance Certification Forensic Analyst (GCFA)
- CISCO CCNA
- Senior System Manager (CNSS-4012) Certified Information Assurance Associates (IA2)
- CNSS-4016 Risk Analysis certification
SOCSoter is a registered government contractor on www.sam.gov:
DUNS Number 055484639 (Data Universal Numbering System)
CAGE Code 8UAX8 (Commercial and Government Entity Code by NATO Codification System)
Legal Name SOCSOTER, INC.
Entity Structure 2L – Corporate Entity (Not Tax Exempt)
Business Type 2X – For Profit Organization
A5 – Veteran Owned Business
XS – Subchapter S Corporation
Primary NAICS Code 541519 – Other Computer Related Services
SOCSoter is located in a qualified HUBZone