View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

BAE Spins Off Threat Triage Startup, After Internal Incubation

Like a pocket-sized SIEM for SMEs.

By CBR Staff Writer

BAE Systems Applied Intelligence has successfully spun-off a new cybersecurity company following an internal incubation process, in a first for the British defence, security, and aerospace subsidiary.

SOC.OS” has won £2 million in funding from Hoxton Ventures and Speedinvest, the company said today and also secured early adopters, including the UK Atomic Energy Authority.

The company and its product are designed to help internal security teams at medium-sized business manage threat protection and detection tool alerts; automatically analysing, triaging, and prioritising alerts.

The big idea: helping overstretched teams wearing many IT hats at mid-sized firms who may be wrestling with hundreds to thousands of alerts daily from different security products and tools that are not consolidated.

(Most SIEM/SOAR offerings are tailored to large SOCs or internal IT security teams, the company argues, making them cost-prohibitive).

SOC.OS was born within the Futures team of BAE Systems Applied Intelligence – an internal innovation and venture incubation hub. The new company launched officially in June 2020, with Dave Mareels as CEO.

Hussein Kanji, founding partner at Hoxton Ventures added: “As early investors in Darktrace, we know a thing or two about identifying great UK cyber security talent. We are excited to be partnering with SOC.OS and working with the UK’s leading defence player… to spin out this unique company.”

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

The tool works by ingesting alerts and enriching them with third party threat data, associating the alert with MITRE ATT&CK threat data.

These are then clustered by shared entity and threat type (i.e. so that those hitting your network with similar threat types can be clustered together) and then ranked by urgency using a data visualisation tool.

This is, arguably, nothing that hasn’t been done before, but making it work for the millions of companies out there that are increasingly the unwitting target of cybercriminals — but which would struggle to sign off the budget for SoC support or a larger security team — may be a sweet spot.

See also: F5 Exploits Proliferate After Humdinger of a Bug


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.