24x7 Cybersecurity Operations Centre (SOC)
Tesserent’s home-grown, world-class SOC delivers Australia’s most comprehensive approach to cybersecurity 24 hours a day.
The expertise of our people, the superiority of our technology and a commitment to transparent and highly visible processes define us. We are the only Australian company of this scale, offering these services. Our clients are empowered to partner with us for end-to-end security solutions.
Our service is deployed into your environment, providing coverage for your entire technology footprint - from the cloud and SaaS, on-premise and dedicated infrastructure, security monitoring and analytics, to operational technology and Internet of Things technology - This is all monitored and protected from our locally 24/7 Managed Security Operations Centre (SOC).
Our team of more than 500 skilled cybersecurity professionals across Australia and New Zealand provide specialised expertise in the full life cycle of security events. We know that comprehensive incident detection and prevention requires a multifaceted approach, with our people, processes and technology all working together effectively. At Tesserent we have multiple roles, career paths and areas of expertise within the SOC, so that we can provide the best capability possible.
We proactively monitor, detect, and respond to cyber threats around the clock, every single day of the year.
Every industry has its own unique threats and risks. We work with iconic organisations and enterprises, government agencies and critical infrastructure entities to prevent major incidents before they happen.
Gartner leading technology that produces best-in-class results. We choose the best tech for the client, align our services to the industry standard NIST Framework, and develop and maintain a range of playbooks that address many common security threats and vulnerabilities. Our transparent approach means clients have full visibility to empower their engagement in protecting their digital assets.
The 24/7 SOC monitoring is a key part of Tesserent’s Cyber 360 offering. Core services delivered by the SOC are:
Extended Detection and Response (XDR)
Vulnerability Management Service (VMS)
Breached Credential Monitoring
We support monitoring of OT environments as well as IoT deployments with a dedicated threat detection and response team who understand these unique environments.
Managing Partner - SOC, IT Systems & Brand
Prior to being purchased by Tesserent, Pat was previously the CEO at Tesserent Secure for 15 years. After being purchased by Tesserent, his attention has been purely focused on the Tesserent SOC and delivering capability based on customers' needs. Patrick has engaged with hundreds of clients and understands the unique challenges posed by cybersecurity threat actors.
Senior Partner - Cybersecurity Strategic and SOC
Kelly has 19 years of experience in the IT industry, with the last 10 focused on cybersecurity operations. He established the SOC for a large NZ MSP, moving to Tesserent 7+ years ago to bring his extensive local knowledge and experience including a deep understanding of the NZ market.
Partner - SOC Delivery & Operations
With 18+ years of working in the IT and communication industry and leveraging previous experience within the military, police and SaaS companies, Lizana is now focused on leading the SOC at Tesserent. She oversees the SOC Delivery and Operations teams and is focused on exceptional client experience through coordinating and managing customer deliverables.
Luke brings 15+ years of experience in IT and Cyber Security Operations, overseeing Tesserent’s entire team of analysts, engineers and threat hunters in the Global Cyber Security Operations Centre. He brings a wealth of knowledge including Specialist Incident Response and Digital Forensics skills, as a result of specialised training from the Australian Defence Force Academy.
The Tesserent SOC is a world class, ISO 27001 certified facility where our team of dedicated cybersecurity specialists monitor and manage your environment.
Our SOC is staffed with senior security analysts and engineers, with many years of experience in the security vertical, as well as Operational & SOC managers who oversee security operations. SOC staff work closely with your organisation’s response team via our established playbooks, to ensure security issues are addressed quickly upon discovery.
Our analysts are trained to identify anomalous activity that could be indicative of a security incident or compromise, complimented by machine learning technology, ultimately designed to monitor abnormalities/algorithms to define patterns within security events through stringent correlation & triage activities, underpinned by highly scrutinised security frameworks.
Your dedicated Service Delivery Manager will provide service governance and project management of contracted deliverables, ensuring continuous service improvement in line with your business growth while developing trusted relationships and being a client advocate for you within Tesserent.
The main responsibilities of the Service Delivery Manager are:
Be a primary contact for the customer, acting as a conduit into Tesserent and point of escalation
Oversee the delivery of services to our customers
Ensure that all subscribed services are consistently being delivered within SLA and to Tesserent standards
Manage the relevant SLA and ITIL processes
Ensure that all contracted service reporting is delivered as per SLA
Management of subscribed Service Review meetings
Maintain regular contact with the customer and evaluate feedback to develop quality service improvements
Have a clear understanding of the customers business and subscribed service(s) to drive continual service improvement
Work with the Tesserent Sales Executive to develop and manage additional projects related to the service.
Tesserent have established, Australian-based Security Operations Centres located in both Sydney and Melbourne.
Tesserent follows the NIST 800-61 framework when dealing with major cyber security threats in our customers' environments.
The framework consists of the following steps;
Preparation – Tesserent’s proactive approach to incident response delivers your organisation an incident response plan, ensuring those responsible for participating understand their roles and responsibilities, and that your organisation has a plan in place when the worst happens. Preparation is a proactive measure that has the biggest influence on reducing the impact of cyber incidents, whilst assisting to prevent an incident in the first place.
Detection – Tesserent assists in ensuring that your organisation will not only have the appropriate security tools in place, such as SIEM and EDR, but that the information being collected is relevant and inline with best practice, assuring protection of the data that matters to you and keeping your security solution cost-effective. In addition to providing skilled analysts and engineers, we also arm them with advanced threat detection tooling and techniques such as AI and automation.
Analysis – Tesserent analyses security alarms, events, and incidents to deliver end-to-end incident response for your organisation. Our team of specialists analyses an incident to determine the source, how best to remediate it, and to confirm remediation steps are complete using a combination of automated and manual techniques.
Containment and Eradication – Containment and Eradication without the appropriate skills can result in further organisational damage - critical data may be deleted, or assumptions made on the ‘eradication’ of a threat actor, when they may still be active elsewhere, or commonly, have placed back doors in your environment to regain access. Tesserent has the skills to contain and eradicate major cyber security incidents to their entirety. Tesserent can also conduct forensic analysis when required.
Recovery – Tesserent supports organisations in recovery through post incident review, recommendations for improvement to prevent the recurrence of incidents, and supporting documentation reviews.
Post Activity – Tesserent will carry out any further forensic activities as requested by the Customer, including providing reporting aligned with your governing body, or federal government guidelines. Tesserent has the capacity to speak in court if your incident becomes a legal matter.
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.