SOC on Demand - the right protection, right when you need it
On-Demand SOC means we temporarily connect your IT landscape to our security monitoring and respond to suspicious events and incidents (phishing, account takeover, malware, attacks against your website/VPN/servers) for as long as you need: one-off, 7–30 days, or on a retainer.
We connect fast, work flexibly, with no long-term contracts.
ITDEPO’s On-Demand SOC delivers incident detection, response, and SOC-level expertise precisely when your business needs it.
Your benefits when choosing us
SMBs & micro-businesses:
Need protection right now without a full in-house security team.
In-house IT teams:
Short on capacity during peaks or for specialized tasks (IR/forensics).
Product & e-commerce teams:
Elevated “risk windows” around releases and promos.
Audit-bound companies:
Need proper logs, processes, and reporting for reviews.
When this solves the problem
- An incident just happened and you need immediate help.
- You expect elevated risk (product launch, promo campaign, media buzz).
- You need temporary monitoring (7–30 days) or a standby retainer.
- You’re preparing for certifications/audits (ISO 27001, GDPR/NIS2) and need log analysis and reporting.
What Your Company Gets
Monitoring & Detection
- Integration of key log sources (M365/Google Workspace, Windows/Linux servers, network, WAF, cloud).
- Correlation rules tailored to your environment.
- Critical alerts with an agreed SLA.
Incident Response
- Event triage, asset isolation, rapid containment (“stop the bleed”).
- Forensics on artifacts and evidence preservation.
- Recovery plan with concrete actions and recurrence prevention (hardening & lessons learned).
Threat Hunting (session-based)
- Targeted hunts for indicators of compromise (IoCs) and attacker TTPs.
- Actionable reports with clear next steps for your IT/Sec team.
Audit Reporting & Compliance
- Event summaries, timelines, and findings.
- Supporting materials for internal policies and external audits/reviews.
HOW IT WORKS
1. Quick kickoff
A short goal-setting call (15–30 min).
2. Connect sources
Agree what we ingest: cloud/servers/email/network.
3. Set the SLA
Communication channels, event severity classification, response time, roles & responsibilities, dedicated resources.
4. Operate
We monitor, respond, and report — only when you need it.
On-Demand Packages
1) IR Standby (Retainer) — your “hotline”
- Dedicated, reserved SOC/IR engineer hours each month.
- Priority queue with guaranteed response time (per SLA).
- Best when things are calm, but you want to be ready.
2) Burst Monitoring — 7 / 14 / 30 days
- Temporary SOC coverage for peak risk periods (launches, promos, audits).
- Environment-specific detection rules, alerts, weekly report.
- Extendable in 7-day increments anytime.
3) One-Off Incident Response
- “It’s burning now” engagement: containment, forensics, root cause, recovery plan.
- Executive-ready post-incident report.
4) Continuous Lite (MDR-lite) — month-to-month
- Baseline continuous monitoring with no long-term lock-in.
- Pause/resume as needed.
Add-ons (optional): 24/7 coverage, EDR/SIEM stack, phishing simulations, tabletop exercises, audit prep (ISO 27001 / GDPR / NIS2).
Pricing & scope vary by environment size and tools in place — ask for a tailored quote.