Novacoast is an international security services company that helps organizations find, create, and implement solutions for a powerful security posture. This is achieved through advisory, engineering, development, and managed services. With more than two decades of experience, we've built our organization on a foundation of engineering expertise and a culture of creative problem solving.
Our managed security services come packaged with Chronicle and other security solutions to deliver an all-in-one combination of industry-leading tools and services. Our background and expertise allow us to offer SIEM design and architecture, external data source integration, reporting, custom Chronicle parsers, and Chronicle deployment services to enhance Chronicle to fit your unique business needs.
Novacoast has the cybersecurity, development, and management expertise to mature your Chronicle solution. Our global network of SOCs is staffed with experienced analysts who provide 24/7 monitoring and response, with threat hunting, EDR/NDR integration and kick-start services. View our different managed Chronicle service offerings below:
SOC Management & Chronicle Licensing |
Kickstart with Annual Chronicle Licensing |
Threat Hunting with Chronicle and Tanium Licensing |
|
| Provisioning | |||
| Log Source Review | |||
| Infrastructure Design | Preliminary Design Meeting | Preliminary Design Meeting | Preliminary Design Meeting |
| Ingestion Infrastructure Setup | |||
| Log Source Onboarding: (Microsoft, EDR, Proxy, PAN Firewall, DHCP, Threat Intelligence) |
Limited to 5 Log Sources | ||
| Use Case Development | |||
| Custom Parsing | Supplemental Engineering Required | Supplemental Engineering Required | Supplemental Engineering Required |
| Threat Hunting (Hypothesis and Threat Hunt Creation) |
|||
| Critical Alert (24/7/365 Monitoring with Chronicle) |
|||
| Reporting and Dashboards | |||
| Support |
Analyst Tasks Include:
Hours: 24/7
Reporting and Service Review:
Monthly
Chronicle has a set of out-of-the-box supported (OOB) log sources with pre-written parsers. These OOB sources are not subject to the three tiers listed below. For data sources without pre-written parsers, Novacoast offers three tiers of Log Source Onboarding, each of which is defined below. Parser development services are delivered by Novacoast Engineers and Developers who are assigned full-time or part-time to work on log source onboarding for each customers timeline and availability.
|
PARSING SUPPORT (Engineer/Developer Rates Apply) |
||
|
Standard |
Intermediate | Complex |
| 1 day per log source | 1-2 weeks per log source | Up to 4 weeks for complex log sources |
|
Basic parsing of fields such as event date, source IP, destination IP, etc. |
Work with customer to understand use cases for the selected log source. Develop parsers for the subset of events required for the identified use cases |
Work with customer to understand use cases for the selected log source. |
Analyst Tasks Include:
Hours: 24/7
Reporting and Service Review:
Monthly
Analyst Tasks Include:
Hours: 24/7
Reporting and Service Review:
Monthly
