View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
July 7, 2020

BAE Spins Off Threat Triage Startup, After Internal Incubation

Like a pocket-sized SIEM for SMEs.

By CBR Staff Writer

BAE Systems Applied Intelligence has successfully spun-off a new cybersecurity company following an internal incubation process, in a first for the British defence, security, and aerospace subsidiary.

SOC.OS” has won £2 million in funding from Hoxton Ventures and Speedinvest, the company said today and also secured early adopters, including the UK Atomic Energy Authority.

The company and its product are designed to help internal security teams at medium-sized business manage threat protection and detection tool alerts; automatically analysing, triaging, and prioritising alerts.

The big idea: helping overstretched teams wearing many IT hats at mid-sized firms who may be wrestling with hundreds to thousands of alerts daily from different security products and tools that are not consolidated.

(Most SIEM/SOAR offerings are tailored to large SOCs or internal IT security teams, the company argues, making them cost-prohibitive).

SOC.OS was born within the Futures team of BAE Systems Applied Intelligence – an internal innovation and venture incubation hub. The new company launched officially in June 2020, with Dave Mareels as CEO.

Hussein Kanji, founding partner at Hoxton Ventures added: “As early investors in Darktrace, we know a thing or two about identifying great UK cyber security talent. We are excited to be partnering with SOC.OS and working with the UK’s leading defence player… to spin out this unique company.”

Content from our partners
An evolving cybersecurity landscape calls for multi-layered defence strategies
An evolving cybersecurity landscape calls for multi-layered defence strategies
Powering AI’s potential: turning promise into reality
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
Unlocking growth through hybrid cloud: 5 key takeaways

The tool works by ingesting alerts and enriching them with third party threat data, associating the alert with MITRE ATT&CK threat data.

These are then clustered by shared entity and threat type (i.e. so that those hitting your network with similar threat types can be clustered together) and then ranked by urgency using a data visualisation tool.

This is, arguably, nothing that hasn’t been done before, but making it work for the millions of companies out there that are increasingly the unwitting target of cybercriminals — but which would struggle to sign off the budget for SoC support or a larger security team — may be a sweet spot.

See also: F5 Exploits Proliferate After Humdinger of a Bug

 

Topics in this article : , , , , , ,
Websites in our network
The New Statesman Press Gazette Spears World of Fine wine Elite Traveler Leadmonitor
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU