Mayfield’s vSOC is a simple, affordable and easy-to-deploy architecture that fits into many existing environments with minimal changes.
Our vSOC service provides:
Managed Security
Security Automation
Mayfield can manage a customer's existing environment using SOAR capabilities. We can monitor and automate response to incidents using the latest technologies in security automation. A combination of human and machine learning capabilities can do wonders to protect an organization.
SOC as a Service
Detect and stop the most advanced cyberattacks using Mayfield’s vSOC. vSOC provides a comprehensive, holistic and scalable solution for managing security, performance, and compliance from IoT to the Cloud.
Our ready-state vSOC can collect and process security information and events on Day 1. For many clients, time is of the essence, and the Mayfield team can simplify the onboarding process; customers are under no obligation to purchase new hardware or software. Our highly customized, state-of-the-art big data cybersecurity analytics and alerting service comprises advanced correlation and machine learning engines powered by Mayfield’s expertise in forensics and malware analysis. Mayfield’s SIEM can be deployed quickly on a private cloud hosted by Mayfield, or it can complement an existing SIEM solution for additional visibility and customization of use cases.

SIEM
Even with properly configured systems, no security solution provides iron-clad protection against ransomware. This calls for a defense-in-depth approach to creating security layers in the environment.
A comprehensive SIEM-based approach increases the potential for detecting a ransomware infection before it deploys. SIEM provides a holistic view of the security events across a company’s IT environment from a single point, empowering teams to detect and analyze unusual behavior.
To be effective, a SIEM needs a source of high-quality data and knowledge of what to look for. Several data sources exist, including system logs, Windows AppLocker, endpoint security solutions, and SIEM agents deployed on the endpoint.
Knowledge of what to look for comes from an understanding of the ransomware’s goals and the steps necessary to achieve them. Ransomware attacks can be identified using indicators that appear in the early, middle, and late stages of an attack.

To detect ransomware with a SIEM, it is necessary to lay the groundwork first. Some best practices to leverage your SIEM to detect ransomware include:
Threat Hunting
The days of on-premises IT are gone forever. Widespread cloud adoption has broadened the enterprise perimeter along with the overall attack surface. The necessity to work from home during the pandemic has shifted the paradigm completely, possibly making a permanent return to the office unlikely for many. Traditional access management, user authentication, and perimeter protection technologies, therefore, can no longer be relied upon.
An extended detection and response (XDR) approach uses layered technologies to allow security teams to reach deeper into the network and take a more proactive stance against security threats. This approach produces fewer alerts, faster event resolutions, and lower costs. With layered monitoring, you can gain greater visibility and control, with the ability to micro-segment the network and move more efficiently on actionable alerts. Relief from “alert factories” also allows teams to focus attention on real threats and on closing the holes that threaten to let them in.

Contact Us
Canada
2 Robert Speck Pkwy, 750,
Mississauga, ON
L4Z 1H8
USA
1600 Golf Road,
Rolling Meadows
60008
Use the contact form to reach out to us with any questions or inquiries!
For any immediate requirements, feel free to call one of our experts directly at (844) 629-7321.