onShore Security

Because Security Gives Us Freedom.

Why We Win

 

Why We Win

Unrivaled in Managed Detection and Response

onShore Security is the best in the MDR business. We're one of only a handful of managed cybersecurity providers, nationwide, that provide 24/7 real-time monitoring, correlation, and analysis of organization-wide full-telemetry network data. With our purpose-built Panoptic Cyberdefense® cybersecurity detection platform, we collect data from any system, our own Panoptic Sensor® on your site, cloud-placed sensors, cloud hosts and vswitches, netflow collectors, XDR, firewalls, network devices including encrypted payloads, and correlate that with logs from your systems to achieve an end-to-end security view.

  • Provider
  • Long history in the industry
  • Focus on MDR
  • Large Network background
  • Purpose-built platform.
  • Mid-market and Enterprise focus
  • Orchestration with network protection
  • Full telemetry
  • Fully turn-key
  • Includes sensors
  • Incremental costs
  • Customized connectors
  • onShore Security
  • We've been doing MDR since 2004, before almost anyone!
  • In 2015 we pivoted to pure-play cybersecurity with Panoptic Cyberdefense® MDR as our core offering.
  • We began with monitoring our own ISP sister-company before extending into large regional banks.
  • Our platform is built, on ELK, to empower the analyst. We feed them what's right to focus on without limiting their access to power pivots for investigation and threat hunting.
  • Panoptic Cyberdefense® is a high-value, high-touch MDR service with analysts working on your security telemetry all day, every day.
  • We provide any level of automated orchestration desired by our clients.
  • Our rules and process cover all data types and sources.
  • Our onboarding includes all source ingestion connectors, parsing, rules, tuning, reporting, even custom client dashboards.
  • Panoptic Sensors are included for packet captures and log collection.
  • No. None. We don't charge by source or events because those should never be a cost-cutting factor and all platform licensing is included.
  • We'll build a connector for your unique application or source.
  • The stubborn grand-daddy
  • Our oldest competitor. We've replaced them twice.
  • Focus on MDR but pivoting lately.
  • Criticised for not knowing their clients' networks.
  • Proprietary platform.
  • Focus is mid-market but moving down-market lately.
  • Limited orchestration. Left to IT to configure.
  • Full telemetry.
  • Connector configuration and dashboards left to client.
  • Includes sensors.
  • Charges for sensor storage and source ingestion.
  • Limited customization with additional costs.
  • Product company expanding to services
  • Newer to MDR. We've won against them.
  • Offshoot of product company.
  • No.
  • Proprietary platform.
  • No.
  • No.
  • No. Weak on network telemetry.
  • No. Leaves much configuration to IT and Infosec.
  • No.
  • Charges by events and source type add-ons.
  • No.
  • VC-backed co-managed play
  • Recent launch. We've won against them.
  • Yes, but co-manages client SIEM (MSSP).
  • Yes.
  • No. Really an MSSP.
  • Yes.
  • Limited to platform and dependent on IT.
  • Limited to platform and no historical process.
  • No.
  • No.
  • Charges per seat, but leaves software licensing to the customer.
  • No.
  • Huge VAR trying to do managed services
  • No. VAR with recent attempt at managed security. We've replaced them at a regional public bank.
  • No.
  • Yes.
  • No. Uses QRadar components.
  • Yes.
  • Limited. Much left to customer.
  • Only with many expensive add-ons.
  • No. Customer left to configure much.
  • No.
  • Many incremental costs for activity, licensing, storage, integration.
  • No.
  • VC-backed SMB play
  • No. We've won against them.
  • Yes.
  • No. They struggle with any network complexity.
  • Yes, but focus is on automated alerting, not empowering the analyst.
  • No. They are a "checkbox" SMB play.
  • No.
  • No.
  • Yes, without tuning or network telemetry and other sources.
  • No.
  • Per employee licensing gets very expensive above 500 seats.
  • No.

onShore Security Clients

US Subsidiary of International Bank

Assets: $40 Billion

Global Construction And Design Firm

Revenue: $5 Billion

Community and Commercial Bank

Assets: $6.5 Billion

National Transportation Services Company

Revenue: $1.5 Billion

MDR Specialists

Most cybersecurity providers today are really just managed solutions providers or glorified VARs who raised their hand one day, licensed a SIEM, and called it Managed Detection and Response. Still others leverage some great automation and keep it cheap, checking off the compliance checkbox. The product vendors out there climb over each other trying to be a full-stack detection platform, remaining incomplete and inflexible. Only very few MDR companies truly built their platform for the purpose of empowering their analysts with the flexibility of wide ingestion and extensible pivots. Still fewer have the years of battle-hardened process to truly navigate the threat detection waters.

Choosing a company that specializes in MDR is important because though companies may present themselves as general security specialists, capable of MDR, their true value often remains whatever the initial specialty of the company was. This leaves the client with a less-than-optimal operation as the security provider works outside of their actual expertise. Security service providers typically do this because cybersecurity can be seen as one comprehensive area of understanding, but in practice is more like a cluster of related specialties. Providers want to capture any business they can, above and beyond their specialty, and will often mask their true expertise in order to appear to be generalists.

Compliance at the Highest Level

In the pragmatic world in which cybersecurity operations are built, there are three levels of compliance. There is the bare minimum: just enough to be “street legal” and be compliant with the cybersecurity regulations that exist for your industry, with no concern for any future regulation or the intent of it.

There is the next level: feeling secure. Your security operation tells the board what they want to hear and helps them sleep at night. Not necessarily because the company is secure, but rather that they are off the hook. They were told they were secure.

The highest level, of course, is true security maturity. Though some mid-sized businesses may see this as aspirational, especially for industries with few cybersecurity regulations (at the moment), true security maturity brings benefits that grow business. Organizations at this level are prepared to jump at opportunities with more stringent requirements and won’t be slowed down by inevitable new regulations as they are implemented. They're also concerned with the spirit of the requirements which is to be truly and auditably secure.

onShore Security is proud to specialize in MDR and that’s one of the reasons we’re the best MDR in the business. We focus on MDR because we know it’s the most important part of a mature cybersecurity operation. Your business is too important to risk on a vague promise that a company “can do” MDR. Just as you wouldn’t go to a general practitioner to handle heart surgery, working with true specialists in managed detection and response guarantees a smarter, more efficient, and less expensive outcome, with auditable results you can bring to your board of directors.

How Compliant Are You?

Three Common Levels of Compliance

 

Minimal


A minimal operation, established to meet the basic requirements of compliance in order to do business.

Standard

 

Meets the standards of industrial peers, securing the operation enough to “feel” secure and confidently compliant.

Proactive


Security operation is orchestrated, includes protection, detection, and response, and strives to meet highest standards.

312-850-5200

216 W. Jackson Blvd.
Chicago, IL 60606

info@onShore.com