Any business interested in becoming SOC 2 Type II compliant will need top-notch partners in their corner to bring the expertise and focus necessary to handle the many controls that a SOC 2 audit requires. Today, we’re highlighting a critical partner who played an instrumental role in our own certification.
Over 5 years ago, Castra Managed Services implemented our first Security Incident and Event Monitoring (SIEM) system, an AlienVault solution that we still use today. Our initial engagement with Castra began with the installation of this appliance in our data center, which directed all logs from our network devices (our Palo Alto firewalls, managed switches, etc.).
Castra implemented this solution for us, trained us in using it, and added the AlienVault Unified Security Management component into our core SIEM mix along with dedicated IDS sensors at each of our geographic locations. They have also remained engaged daily as our expert consultants, helping us identify and investigate the threats and abnormalities on our network. They trained our own staff and developed specialized scripts and plug-ins for us, which vastly increased the power, speed, and accuracy of these tools, to keep our network safe. Castra’s professionalism and deep experience in IT security have been something we rely on year after year.
Our partnership with Castra has extended beyond AlienVault SIEM alone. Castra continued to collaborate with us to innovate and develop additional security enhancements. They prioritized bringing in open-source tools to address new problems with an eye on keeping our capital costs as low as possible.
We implemented Wazuh and NXlog to capture logs from individual servers to bring more data into our SIEM platform for analysis. When our historical log retention requirements for SOC 2 extended beyond the capabilities of our core AlienVault SIEM platform, Castra identified and implemented Elasticsearch. Elastic did more than just address our need for long-term log storage; it also added significantly to our threat investigations by enabling our Security Operation Center (SOC) team to rapidly perform forensics and threat hunting each day.
We also brought in new equipment and services that extend beyond open-source tools thanks to Castra’s partnership and expertise. Two prime examples are our Bandura Threat Intelligence Gateway appliance, which beefed up our network security perimeter in our data center, and also, our new Security Orchestration, Automation, and Response (SOAR) platform called Exabeam.
During our SOC 2 audits this year, we were able to put all these tools and our partnership with Castra front-and-center as a major part of our culture of security. Castra was directly engaged with us during the audit, supplying information upon request. They even participated in the onsite portion of the SOC 2 audit, answering to the security of our network on our behalf. The auditor from Kirkpatrick Price said repeatedly, in so many ways, just how unique and special our partnership with Castra was, and we thoroughly agree.
We couldn’t be happier with the quality of services we receive from our strategic partners at Castra, their sensitivity to costs and delivering demonstratable value for every security investment, and we deeply appreciate how they have collaborated with us to innovate and develop a layered security solution that actively protects our networks, systems, and data.
Top 3 Recommended Posts by Castra Consulting:
- Bandura Cyber Announces Strategic Partnership with Castra Consulting
- Top 5 Cybersecurity Steps to Take in 2019
- Set It And Forget It Fail (SIEM)