SOC as a Service

The first step to ensuring a strong cybersecurity posture for your organization is to identify and protect your assets. Our technical service offerings range in both depth and complexity to support customers of all maturity levels. We start with a thorough understanding your environment, design and conduct minimally invasive tests, and ultimately help inform better decision-making by delivering insights, findings, and severity ratings unique to your organization. ​

By Light’s technical services team leverages decades of professional experience and hand-selected technologies to evaluate your organization’s security program from the mindset of your adversaries. This threat-focused approach allows us to accurately identify gaps, report findings specific to your business, and provide recommendations around best practices for mitigating your weaknesses and reducing your risk exposure.

Vulnerability Assessments are a critical component of any vulnerability management program, and are often recommended as the preliminary step for evaluating your security posture.

Prior to performing a Vulnerability Assessment service, we work with your management and technical staff to establish testing criteria, scope, and schedule. During the engagement, our consultants will perform the technical activities such as scanning and manual inspection, and procedural activities such as interviews and document review. At the end, the team categorizes each vulnerability based on severity and reports the findings, impact, and recommendations for remediation to help guide your security team’s response. For a typical Vulnerability Assessment, we recommend a timeframe of one to three weeks to perform all assessment and reporting activities. ​​

• Internal Vulnerability Assessment
• External Vulnerability Assessment
• ​Cyber Due Diligence Assessment

Penetration testing is one of the most versatile tools that an organization can use to test their security posture, as it provides insight into the depth of their vulnerability exposure and a greater understanding of the residual vulnerability impact through exploitation and post-exploitation activities.

Prior to performing a Penetration Testing service, our team works with your management and technical staff to understand your assessment needs and to establish the testing scope and schedule. During the assessment, our consultants evaluate the attack surface of the in-scope systems and services to identify potentially exploitable vulnerabilities and misconfigurations. If a foothold can be achieved, the consultants will attempt to gain further access and evaluate vulnerability exposure at a deeper level. At the conclusion of the assessment, the team categorizes each vulnerability based on severity and reports the findings, impact, and recommendations for remediation to help guide your security team’s response. For a typical Penetration Testing service, we recommend a time frame of one to three weeks to perform all assessment and reporting activities. For customers with additional or unique requirements, the By Light team can customize our services and tailor an engagement for your organization. ​

• Internal Penetration Test
• External Penetration Test
• Web Application Assessment
• Wireless Assessment
• Mobile Penetration Test
• Physical Assessment
• Remediation Validation

A threat-focused assessment is an effective way to evaluate the maturity of your organization’s security program and defensive strategy. Using an adversarial-focused approach, we simulate characteristics of innovative attackers to test your organization’s defensive capabilities, re-enforce areas of strength, and identify security gaps to help combat real-world threats.

​​Prior to performing a typical advanced assessment, our consultants works with your organization’s stakeholders to establish testing scope, schedule, approach, and objectives. In general, we recommend a timeframe of at least eight weeks for black-box threat simulation engagements when very little information about the customer is provided to the consultants. For customers with unique requirements or time frame constraints, we can customize and tailor an engagement with different services for your organization. ​

• Security Controls Validation
• Threat Simulation
• Threat Emulation
• Assumed Breach Assessment
• Phishing Assessment
• Exercise Support ​

As threats have grown in number, they’ve also matured to become increasingly complex. They take advantage of the diverse attack paths, such as a company’s business applications, IT configurations, and email. By Light’s MDR services combine human and threat intelligence to provide customized visibility and prevention capabilities optimized to protect your applications, your network, and your endpoints. The result: a faster investigation of threats, accurate guidance on response processes, and the elimination of false positives. 

Out-of-the-box solutions simply cannot keep up with the​ pace by which threats evolve. Traditional Managed Security Service Providers (MSSPs) provide scope and understanding of your network, but not the means to isolate and defend against the specific adversaries targeting your enterprise. Instead, look to Managed Detection & Response (MDR) as a holistic, highly specialized solution. Our MDR solution is built upon four key security vectors to provide deeper ​insights and support full-spectrum coverage ​for your network environment.

Endpoint Detection and Response provides visibility and prevention capability on your endpoints, whether they are virtual, physical, or cloud instances. Each enterprise has unique business applications and IT configurations that present different attack vectors. If an advanced attack occurs, and anti-virus (AV) or next generation anti-virus (NGAV) solutions are not able to block it, traditional security teams may not be aware that a security incident is happening and will not have the necessary information to investigate and respond to the attack.​

Our Endpoint Detection and Response services provide both added visibility and the ability to contain and investigate an attack.

Not all threats are created equal, and not all defenses are created equal. Active monitoring of your network is vital in stopping attackers before they can do severe damage to your company’s reputation. ​

By Light tailors a strategy specific to the unique threats your organization faces. Using this approach enhances your information security capabilities by providing an analysis of how your network is connected, its blind spots, location(s) of potential risk, and your sensitive data.

Adversaries work around the clock. Effective monitoring of your network is vital in stopping attackers before they can inflict serious destruction to your company’s reputation.

We provide continuous monitoring services to supplement your existing security team after business hours, on holidays, weekends or per a customized schedule that meets your security needs.

Email is one of the most commonly exploited attack vectors for a good reason – it’s highly effective. From 2017 to 2018, email-based attacks on businesses increased by 476%. The bottom line is that users are susceptible to “clicking links” and opening attachments that can provide adversaries a path to breaking into your infrastructure and gaining a permanent foothold.

By integrating our Email Threat Protection (ETP) services, businesses can automatically filter out threats and build in safety measures to limit the damage.​

The HITRUST CSF certification program allows companies and supply chains to conform to and display a common expectation among organizations where protection of PHI, PII, and other sensitive data is paramount. While originally born out of the healthcare industry, the HITRUST CSF program has since expanded to support multiple industries and leading cybersecurity frameworks.

As a certified HITRUST™ 3PAO, We partner with companies to perform independent security assessments. Organizations can achieve a HITRUST CSF certification if they are able to successfully exhibit an acceptable cybersecurity posture. Additionally, in order to maintain the certification, companies are required to undergo annual interim assessments by a trusted 3PAO.

Improving business performance, turning risk and compliance into opportunities, developing comprehensive strategies, and enhancing value are at the core of By Light’s advisory and assessment services. Our experienced Governance, Risk and Compliance team consistently delivers exceptional results on time, and on budget. Our services help boards and senior executives better manage enterprise risks, and provide reassurance to management and audit committees over the design and implementation of security controls. Compliance is within reach, no matter your available resources. We will work together to create a customized project plan that will fit within your budget by focusing on your highest-impact compliance actions.

These services include:

​Readiness Assessments

• DRAFT CMMC
• FedRAMP
• NIST SP 800-171 CIS-20
• HITRUST CSF®
• IEC 62443
• AWIA
• Cloud Migration & Hybrid Cloud Strategy

GRC Development

• Policies, Procedures & Plans

Not all threats are created equal, and not all defenses are created equal. Active monitoring of your network is vital in stopping attackers before they can do severe damage to your company’s reputation. ​

By Light tailors a strategy specific to the unique threats your organization faces. Using this approach enhances your information security capabilities by providing an analysis of how your network is connected, its blind spots, location(s) of potential risk, and your sensitive data.

Adversaries work around the clock. Effective monitoring of your network is vital in stopping attackers before they can inflict serious destruction to your company’s reputation.

​We provide continuous monitoring services to supplement your existing security team after business hours, on holidays, weekends or per a customized schedule that meets your security needs.

Email is one of the most commonly exploited attack vectors for a good reason – it’s highly effective. From 2017 to 2018, email-based attacks on businesses increased by 476%. The bottom line is that users are susceptible to “clicking links” and opening attachments that can provide adversaries a path to breaking into your infrastructure and gaining a permanent foothold.

By integrating our Email Threat Protection (ETP) services, businesses can automatically filter out threats and build in safety measures to limit the damage.​