Creating a Better Security Operations Center (SOC) by Putting the Customer First
There are many reasons why an organization may choose to outsource its security management. It can be difficult and expensive to build, scale, and maintain a dedicated and knowledgeable SecOps team, and choosing a managed security service shouldn’t require any organization to compromise the robustness of its security. Unfortunately, that is exactly what happens because of the nature of how these services are offered. Many managed security providers have a security operations center, or SOC. This is the security team that is on call and responding when their customers’ ability to operate securely is under threat. Industry-wide, there’s a fundamental problem with how SOCs operate — they are often outsourced operations that don’t understand their customers’ infrastructure, threat history, or the small important details that are key to quickly resolving issues when they are hit by a novel attack.
When we designed the Fastly Managed Security Service, we knew we were unwilling to compromise on the quality of service provided. Hence, we established our Customer Security Operations Center (or CSOC) and staffed it with implementation engineers who tailor security controls to fit each organization specific to its needs. Since security priorities change as quickly as the threat landscape, our CSOC embeds a technical specialist with each customer to adjust security controls as needed, and we continuously customize our approach for each customer. Fastly also maintains senior representatives in each region, so they are awake, alert, and ready to respond to attacks and issues for our customers, anywhere in the world.
When a customer subscribes to our Managed Security Service or our Response Security Service, they get direct access to our CSOC – and immediate protection from today’s increasingly sophisticated cyber-attacks. Our 24/7, dedicated, in-house team helps keep our customers secure, so they can focus on what matters most.
Learn the "how" and "why" of cloud native app security with the Cloud Native AppSec PlaybookDownload now
We sat down with Fastly’s Vice President of Customer Security, Gino Lang to learn more about how our CSOC stands out from the competition. The full Q&A follows.
Q: What is the Fastly Managed Security Service?
Gino: The Fastly Managed Security Service is a premium offering that provides Fastly Next-Gen WAF customers with continuous monitoring and proactive mitigation of attacks, along with 15-minute SLA-backed incident response and regular configuration maintenance. Staffed 24/7 by Fastly’s global Customer Security Operations Center (CSOC), this service enables in-house teams to improve their overall security posture and focus on their core competencies, strategic initiatives, and high-impact projects.
Q: Why launch the Fastly Managed Security Service now?
Gino: Today the Internet is embedded in the very fabric of our lives. It’s the tool we use to pay our mortgages, do our banking, etc. Yet with all of the convenience and information that it has brought to us, the number of opportunities to exploit it and to take advantage of folks has skyrocketed.
One of the biggest things about the threat landscape that has changed over the last year or two has been the scale of attacks. For example, the size of DDoS attacks has increased very quickly. It used to be an aberration to see multiple millions of requests per second, but it’s becoming more commonplace.
Our Managed Security Service (MSS) is a natural progression of our Response Security Service, which has served as a 911 for security issues for our customers: in other words, something's happening – I'm under attack right now and I need help. But, instead of just responding, what if you could have proactively detected – and prevented – an attack? Our new service is like having detectives show up and say, ‘we think there's a credible threat against you and we want to do something about it now, before an attack takes place.’ With both the Response and the Managed Security services, our Customer Security Operations Center (CSOC) takes an active role in mitigating today’s attacks.
Q: What is the Fastly CSOC?
Gino: The CSOC is our Customer Security Operations Center. Unlike other vendor security operation centers, we believe it’s important to include the word “Customer” in our name because our service is customer-centric. We are focused on helping our customers improve their security posture using Fastly Security products and services. In fact, the CSOC sits on top of our customer support organization. When you subscribe to our Managed Security Service or our Response Security Service, you get direct access to our CSOC. Today our global CSOC is based on the follow-the-sun model. We put senior people in each region as well so they are awake and alert and able to do their best work for our customers, no matter where they reside.
Q: How did the CSOC get started?
Gino: The journey to building out a CSOC started years ago. I was originally hired at Fastly to build out our mission control center, which was our version of a network operations center. When we built out that initial team, we quickly realized that we were going to need to have security experts because of the security events that we saw affecting customers' traffic such as DDoS attacks, credential stuffing, and other types of attacks.
Q: How will Fastly Managed Security Service adjust to the fast-changing threat landscape?
Gino: Unlike other vendors, our CSOC is not an outsourced call center. At Fastly, we have a dedicated in-house team who takes a holistic approach to serving our customers. When we onboard you as a Managed Security Service customer, we will want to get to know your infrastructure, threat history and see if there's anything that's susceptible to known attacks. Our implementation engineers will help tailor security controls to fit your organization. Since security priorities change as quickly as the threat landscape, a designated technical specialist will be embedded in your account to adjust security controls as needed. We continuously customize our approach for each customer based on the time and resources that are available. If a customer is strapped for in-house resources and there's more that they want to do, we can engage our entire professional services team to help with an additional scope of work.