Frequently Asked Questions

Updated 22 July 2021

  • What is the Tracelay Insight Platform?

    The cloud-native Tracelay Insight platform sits underneath all our security operations solutions. It collects, enriches, and analyzes security data at scale, feeding relevant security information to Tracelay Overwatch Security Teams to detect threats or risks in real time. A crystal-clear dashboard provides an overview of the information available on the alerts and reports tabs in the Insight portal. The client portal option allows digital self-service of five key business relationships, including quotes, subscriptions, contracts, invoices, and reports. Reach out to your Tracelay account manager with any additional questions!

  • How does my Tracelay Overwatch Security team help if an issue is found?

    The Tracelay Overwatch Security Team (OST) is your single point of contact for your Tracelay Managed Risk solution to help you through remediation if a critical risk is found. Your OST serves as your trusted security operations expert and as an extension of your internal team. They help you customize the service to your needs and continuously scan your environment for security risks. They perform monthly risk posture reviews and provide actionable remediation guidance. The team delivers a customized risk management plan to prioritize remediation and measure progress.

  • Does Tracelay Overwatch Team have visibility into indicators of lateral movement?

    Yes. The Tracelay (OST) Agent provides visibility into indicators of lateral movement.

  • How is the criticality of a vulnerability determined?

    For CVEs and vulnerabilities with known exploits, criticality is derived from the available CVSS information. For other risks that are not pure CVEs, criticality is assessed based on factors such as Network Vulnerability Tests (NVTs) that come from open-source community feeds and from our commercial advanced Threat Intelligence tools.

  • How does Tracelay store data?

    Tracelay stores data in our scalable cloud-based data lake for analysis, compliance, reporting, and retention.

  • How does Tracelay determine pricing?

    All Tracelay solutions & services have simple, predictable pricing based on consistent inputs such as users, servers, and network endpoints.

  • How much money can I save with Tracelay SOC over a DIY SOC strategy?

    It depends on which security operations challenges you are facing, but typical organizations have experienced an ROI of 311% from adopting Tracelay security operations solutions. To understand more about your organization’s potential savings, check out our ROI Calculator.

  • Can Tracelay help me meet my compliance obligations?

    Yes. Tracelay’s security platforms provide key capabilities required under many compliance frameworks (such as PCI, HIPAA, SOC2 or NIST). Tracelay Overwatch Security Teams will provide standard and custom support, and additional work, to support audit and compliance reporting.

  • Can I co-manage my security operations with Tracelay SOC?

    Tracelay provides security operations solutions & services, not co-management. All our solutions are delivered through our proprietary cloud-based platform and managed by our Security Teams, in consultation with our customers. However, customers have access to the solutions through our portals, reports, log search tools, and more.

  • How long does it take to deploy solutions & start coverage?

    It depends on the Tracelay solution offerings and the customer’s timeline and priorities. Some security solutions can be made available in minutes or hours. Rapid deployment of other solutions can be completed within a week, if necessary, or can occur over a longer timeline. If you are responding to an active security threat or incident, please contact us immediately to understand how soon Tracelay security operations can protect your business.

  • What happens when Tracelay finds suspicious activity in my log data?

    When suspicious activity is observed by Tracelay, an incident is automatically created by the Overwatch Security Team (OST) to investigate further. Important details about the incident are included, such as the site(s) and system(s) affected, a description of the activity, when it was detected, etc. Resolution information about why this incident was created and how to remediate is also included and managed by the OST until the incident is closed.

  • How does Tracelay SOC minimize false positives?

    The Tracelay SOC Platform collects, enriches, and analyzes data from a broad array of sources across your networks, endpoints, and cloud environments. Leveraging several AI detection engines, various sources of threat intelligence, and machine learning, this broad dataset is further analyzed to identify suspicious activity and raise incidents, which are further connected with SOAR Automation & Response and then investigated by your security operations expert to eliminate false positives.

  • Can Tracelay help me contain threats?

    Yes. When a critical incident is discovered, your security operations expert from the Overwatch Security Team works with you to initiate the Managed Containment workflow. This capability is designed to stop the spread of threats across your environment by isolating the threat at the network and host level.

  • Can Tracelay SOC monitor cloud apps/infrastructure?

    Yes. The Tracelay Cloud Monitoring solution works with Managed Detection and Response to collect telemetry and other insights from your SaaS applications such as Office 365 and IaaS cloud environments such as AWS and Azure.

  • Can I customize what Tracelay monitors?

    Yes. Your security operations expert from the Overwatch Security Team works directly with you to create custom rules unique to your environment, in addition to the included out-of-the-box detection capabilities. Alerts can be tuned based on threshold, criticality, and several other factors with your OST based on the unique needs of your organization.

  • What log sources can Tracelay monitor?

    Tracelay works with your existing IT and security infrastructure to monitor information from a growing number of available log sources across: Active Directory, Authentication, Endpoint, Firewalls, IDS/IPS, Mail Servers, SaaS/IaaS, SSL-VPN, UTM, WAP, Web Gateways, and more.

  • How does my Tracelay Overwatch Security team help if an issue is found?

    When an issue is found, SOAR personalized workflows & playbooks trigger investigations that your security operations expert further analyzes to assess the severity of the threat. Tickets are created for critical events and the end-to-end workflow from detection to response is managed by your Overwatch Security Team (OST). Not only does the OST work directly with you on detection and response, they provide remediation and validation that the threat has been neutralized and hasn’t returned.

  • What is Managed Cloud Monitoring?

    The Tracelay Managed Cloud Monitoring solution provides 24×7 monitoring of your Infrastructure as a Service (IaaS) and Software as a Service (SaaS) platforms, providing awareness of your risks, misconfigurations, and threats across your cloud environments.

  • What is Managed Detection and Response?

    Tracelay Managed Detection and Response features 24×7 monitoring of your networks, endpoints, and cloud environments, along with a managed approach to detection, response, and recovery from modern cyber threats through managed triage and overwatch services.

  • Does Tracelay work with other customers in my industry or enterprises with a similar number of employees?

    Yes, almost certainly. Tracelay works with customers across all major industries, including financial, healthcare, legal, government, manufacturing, retail, and more. Check out our case study sheets to see some examples of businesses where we’ve delivered security operations success. If you don’t see your industry or scale represented there, please reach out, and we’d be happy to provide more information on what we’ve done to secure businesses like yours.

  • Why should I consider using Tracelay suggested solutions over other security point products and managed services?

    We are rewriting the rules on how organizations protect themselves against rapidly evolving adversaries. Today’s threat environment requires understanding the adversary and attack landscape. Since our start in 2019, our technology has stopped the world’s most advanced cyber attacks. And we harbor even greater ambitions.

    We are different: the military is part of our heritage. Many of our employees have held managerial and commanding positions on cyber security teams, giving them extensive experience with hacking operations. We are applying the military’s perspective on cyber security to enterprise security.

    The cybersecurity industry has spent decades developing generation after generation of increasingly sophisticated and more powerful point products, and IT teams have worked equally hard to acquire, adopt, and implement those tools. But the scope of cyber-attacks continues to grow. When we look at major breaches and cybersecurity incidents, we typically observe that the businesses had sufficient tools in place to prevent or detect the breach, but attacks happened anyway. Why does that happen? The gap in cybersecurity resources today is not a tools problem; it’s an operational gap. Tracelay is introducing the next generation of modern security operations services & advanced, sophisticated solutions to customers to manage next-generation cyber-attacks.

    Tracelay offers one of India’s first SaaS-based security operations solutions & services. Unlike other vendors based on a subscription-based pay-as-you-go model, we focus on delivering and managing a security tool for their customers. Tracelay SOC platforms deliver actionable insights and security operations outcomes, whether that’s 24×7 alerting, targeted remediation, or strategic guidance. We’re there for every step of your security journey.