Cygilant Blog

What’s Behind the “+” in SOCVue+

Posted by Cygilant Labs on Oct 5, 2021

Three superpowers that make you more secure


Most of us are happy just knowing that a technology works, not necessarily how it works. But the details behind the enhancements we’ve made in the Cygilant SOCVue+ platform are too good not to share because of the benefits that they deliver to our customers.

In our recent announcement, we touched on a few of the technical aspects of these enhancements. Here, we reveal more details about the three superpowers behind SOCVue+ that enrich our Cygilant as-a-service offerings – and ultimately make our customers more secure.


Powered by Siemplify

Superpower: Super-Strong Protection


Today, it’s increasingly difficult to identify, analyze, and respond to critical incidents manually amid an overload of logs and alerts. The SOCVue+ platform is powered by Siemplify – one of the best technologies in the security orchestration, automation, and response (SOAR) space.

On the SOCVue+ platform, Siemplify SOAR tools work to enable the collection of data feeds from the multiple sources across your environment – IT infrastructure, network, devices, etc. – that Cygilant monitors for threats.

Siemplify also consolidates this information into a streamlined view (more on that in a minute) so that Cygilant security operations center (SOC) analysts can view that aggregated data – including alerts, logs, and other activity – more efficiently.

Why it matters: With capabilities that include machine learning and SOAR, Siemplify enables our SOC analysts to collaborate more effectively, process data more efficiently, and identify and respond faster to alerts and unusual activity across a range of endpoints in our customers’ environments. In addition, Siemplify works with other Cygilant partner technologies to cross-correlate SIEM and endpoint alerts with vulnerability data, flagging dangerous security gaps.


Intuitive Interface

Superpower: X-Ray Vision


At the heart of SOCVue+, an intuitive Siemplify interface provides a centralized, consolidated “dashboard” view of the data feeds collected from sources across your environment. As we mentioned, this provides Cygilant SOC analysts with critical 24x7x365 visibility into activity, with drill-down capabilities on users, machines, and IP addresses that enable our analysts to tie relationships with other entities and alerts. Smarter grouping of alerts into single cases surfaces patterns and reduces false positives.

The interface also streamlines collaboration and communication between Cygilant analysts and customers for coordinated response and support to security alerts and incidents. Recommended activities, such as patches and other maintenance, also can be logged in the interface to remind customers to perform critical updates.

Why it matters: SOCVue+’s user-friendly interface gives customers a view of the ongoing SOC activities for their environments, including 24x7x365 views into activity status, decisions, actions, and metrics. For our SOC analysts, the interface provides critical, streamlined visibility into activities, making it possible to identify and respond to potential issues quickly.


Continuous Monitoring

Superpower: Defeating Threats Around-the-Clock


Cygilant has multiple global SOCs that take advantage of regional skill pools and enable 24x7x365 continuous monitoring services. These groups of cybersecurity experts work together to monitor the networks, devices, and applications of our customers’ organizations looking for potential security problems, malicious behavior, or existing vulnerabilities that could result in a breach or loss of critical data.

Acting as an extension of the customers’ own security teams, Cygilant’s SOC-as-a-Service takes on the sourcing and overhead of skilled resources, process development, and the investment of technology and ongoing maintenance, giving organizations of all sizes access to powerful, enterprise-level SOC capabilities they need to improve their security posture – without the investment or implementation of an in-house cybersecurity infrastructure.

Why it matters: With the added capabilities of SOAR and an intuitive interface, the SOCVue+ platform supports Cygilant’s critical SOC-as-a-Service offering. SOCVue+ delivers the information Cygilant’s SOC analysts need in a format that makes them more effective and efficient at identifying – and halting – security issues in our customers’ environments. In addition, with SOCVue+’s real-time data feeds and 24x7x365 monitoring, Cygilant protects our customers’ organizations – even when they’re asleep.

In the quest to make your modern organization more secure, you need all the superpowers you can get. All Cygilant’s SOCVue+ platform needs now is a colorful cape.

If you are a customer, please contact your CSA for details on when your organization will gain access to SOCVue+. Check out the press release for more details:


Tags: Cybersecurity-as-a-Service, SIEM
