24x7 Cybersecurity Operations Centre (SOC)

Tesserent’s home-grown, world-class SOC delivers Australia’s most comprehensive approach to cybersecurity 24 hours a day.

Let our dedicated team of experts manage all, or a part, of your environment for you. Our service can be deployed on-premise, in the cloud or via a secure connection, and all are managed and monitored in our locally-based 24×7 SOC.

24/7 Cybersecurity

The expertise of our people, the superiority of our technology and a commitment to transparent and highly visible processes define us. We are the only Australian company of this scale, offering these services. Our clients are empowered to partner with us for end-to-end security solutions.

Our service is deployed into your environment, providing coverage for your entire technology footprint - from the cloud and SaaS, on-premise and dedicated infrastructure, security monitoring and analytics, to operational technology and Internet of Things technology - This is all monitored and protected from our locally 24/7 Managed Security Operations Centre (SOC).

Skilled Cyber Professionals
across Australia and New Zealand

Certifications
between our Security Analysts and Engineers

Incident engagements
per year

Clients globally
Iconic organisations, government agencies and critical infrastructure

Hours responding
to incidents per year

Securing our region’s digital assets for the future.

Best and Brightest

Our team of more than 500 skilled cybersecurity professionals across Australia and New Zealand provide specialised expertise in the full life cycle of security events. We know that comprehensive incident detection and prevention requires a multifaceted approach, with our people, processes and technology all working together effectively. At Tesserent we have multiple roles, career paths and areas of expertise within the SOC, so that we can provide the best capability possible.


Locally Managed 24/7 SOC

We proactively monitor, detect, and respond to cyber threats around the clock, every single day of the year.


1200+ Clients Globally

Every industry has its own unique threats and risks. We work with iconic organisations and enterprises, government agencies and critical infrastructure entities to prevent major incidents before they happen.


Industry Leading Technology

Gartner leading technology that produces best-in-class results. We choose the best tech for the client, align our services to the industry standard NIST Framework, and develop and maintain a range of playbooks that address many common security threats and vulnerabilities. Our transparent approach means clients have full visibility to empower their engagement in protecting their digital assets.


Core Services

The 24/7 SOC monitoring is a key part of Tesserent’s Cyber 360 offering. Core services delivered by the SOC are:


Operational Technology Focus

We support monitoring of OT environments as well as IoT deployments with a dedicated threat detection and response team who understand these unique environments.

Our People

Patrick Butler

Managing Partner - SOC, IT Systems & Brand

Prior to being purchased by Tesserent, Pat was previously the CEO at Tesserent Secure for 15 years. After being purchased by Tesserent, his attention has been purely focused on the Tesserent SOC and delivering capability based on customers' needs. Patrick has engaged with hundreds of clients and understands the unique challenges posed by cybersecurity threat actors.

Kelly Clapham

Senior Partner - Cybersecurity Strategic and SOC

Kelly has 19 years of experience in the IT industry, with the last 10 focused on cybersecurity operations. He established the SOC for a large NZ MSP, moving to Tesserent 7+ years ago to bring his extensive local knowledge and experience including a deep understanding of the NZ market.

Lizana Muir

Partner - SOC Delivery & Operations

With 18+ years of working in the IT and communication industry and leveraging previous experience within the military, police and SaaS companies, Lizana is now focused on leading the SOC at Tesserent. She oversees the SOC Delivery and Operations teams and is focused on exceptional client experience through coordinating and managing customer deliverables.

Luke Payne

SOC Director

Luke brings 15+ years of experience in IT and Cyber Security Operations, overseeing Tesserent’s entire team of analysts, engineers and threat hunters in the Global Cyber Security Operations Centre. He brings a wealth of knowledge including Specialist Incident Response and Digital Forensics skills, as a result of specialised training from the Australian Defence Force Academy.

Frequently Asked Questions

Is your Managed Security Operations Centre (SOC) ISO27001 certified?

The Tesserent SOC is a world class, ISO 27001 certified facility where our team of dedicated cybersecurity specialists monitor and manage your environment.

Who works in your SOC? How experience are they?

Our SOC is staffed with senior security analysts and engineers, with many years of experience in the security vertical, as well as Operational & SOC managers who oversee security operations. SOC staff work closely with your organisation’s response team via our established playbooks, to ensure security issues are addressed quickly upon discovery.

Our analysts are trained to identify anomalous activity that could be indicative of a security incident or compromise, complimented by machine learning technology, ultimately designed to monitor abnormalities/algorithms to define patterns within security events through stringent correlation & triage activities, underpinned by highly scrutinised security frameworks.

What’s the role of Service Delivery Manager?

Your dedicated Service Delivery Manager will provide service governance and project management of contracted deliverables, ensuring continuous service improvement in line with your business growth while developing trusted relationships and being a client advocate for you within Tesserent.

The main responsibilities of the Service Delivery Manager are:

Be a primary contact for the customer, acting as a conduit into Tesserent and point of escalation

  • Oversee the delivery of services to our customers

  • Ensure that all subscribed services are consistently being delivered within SLA and to Tesserent standards

  • Manage the relevant SLA and ITIL processes

  • Ensure that all contracted service reporting is delivered as per SLA

  • Management of subscribed Service Review meetings

  • Maintain regular contact with the customer and evaluate feedback to develop quality service improvements

  • Have a clear understanding of the customers business and subscribed service(s) to drive continual service improvement

  • Work with the Tesserent Sales Executive to develop and manage additional projects related to the service.

Where is your SOC based?

Tesserent have established, Australian-based Security Operations Centres located in both Sydney and Melbourne.

What are the 7 phases of a cybersecurity incident response plan?

Tesserent follows the NIST 800-61 framework when dealing with major cyber security threats in our customers' environments.

The framework consists of the following steps;

Preparation – Tesserent’s proactive approach to incident response delivers your organisation an incident response plan, ensuring those responsible for participating understand their roles and responsibilities, and that your organisation has a plan in place when the worst happens. Preparation is a proactive measure that has the biggest influence on reducing the impact of cyber incidents, whilst assisting to prevent an incident in the first place.

Detection – Tesserent assists in ensuring that your organisation will not only have the appropriate security tools in place, such as SIEM and EDR, but that the information being collected is relevant and inline with best practice, assuring protection of the data that matters to you and keeping your security solution cost-effective. In addition to providing skilled analysts and engineers, we also arm them with advanced threat detection tooling and techniques such as AI and automation.

Analysis – Tesserent analyses security alarms, events, and incidents to deliver end-to-end incident response for your organisation. Our team of specialists analyses an incident to determine the source, how best to remediate it, and to confirm remediation steps are complete using a combination of automated and manual techniques.

Containment and Eradication – Containment and Eradication without the appropriate skills can result in further organisational damage - critical data may be deleted, or assumptions made on the ‘eradication’ of a threat actor, when they may still be active elsewhere, or commonly, have placed back doors in your environment to regain access. Tesserent has the skills to contain and eradicate major cyber security incidents to their entirety. Tesserent can also conduct forensic analysis when required.

Recovery – Tesserent supports organisations in recovery through post incident review, recommendations for improvement to prevent the recurrence of incidents, and supporting documentation reviews.

Post Activity – Tesserent will carry out any further forensic activities as requested by the Customer, including providing reporting aligned with your governing body, or federal government guidelines. Tesserent has the capacity to speak in court if your incident becomes a legal matter.

Contact us

Speak with a Tesserent
Security Specialist

Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.

Let's Talk
Tess head 5 min