Hi there! I’m one of the newest additions to the Seceon Team. My name is Randy Blasik (V.P. Technology Solutions). Welcome to the “Golden-Era” of Cyber Security!
For the past 7 years I held the role of Chief Technology Officer, where I was a key driver in turning an average Managed Service Provider (MSP) business into a nationally recognized U.S.-based Technology Service provider. One of the multi-million-dollar-per-year business verticals I architected as C.T.O. was a Managed Security Service which included full remediation. Shout out to my team; I couldn’t have been successful on my own. Their dedication along the way was paramount to our team success within this vertical. Anyhow, the service is executed in regulated industries such as Financial Services, Manufacturing and Healthcare. Most importantly, our clients seemed to really find value in the security service too, especially after passing regulatory audits with flying colors every year and largely avoiding current Cyber threats.
In my current role, I want to use my experience to help you deliver a comprehensive cyber security solution that you, your team and your customers value. The good folks here at Seceon have provided me this web platform as an easy way to share my perspectives to a wide audience.
I will add segments regularly that will include different topics around all things relating to MSSP Business.
Part 1: Operational Efficiency & 5 Ways the Open Threat Management (OTM) Platform improved my MSSP’s operational efficiency.
Ask yourself this question: “Are my Security Operations efficient?” Regardless of the answer, you and your team should always include a strategy to improve efficiency. Putting the focus on driving towards efficient operations was always a secret weapon for my firm. It helped us sustain our quality of service during our organization’s rapid growth because we could chew through service tickets. Efficient internal processes helped us react to new threats without distracting us from our day-to-day activities and helped us in situations when staff resources were limited. Finding a good Security Operations Analyst is like trying to find a unicorn, right? Of course, picking the right core Security Platform built from the ground up with operational efficiency in mind, a platform like Seceon aiXDR, helped too.
5 ways the Seceon aiXDR improved my MSSP’s operational efficiency:
1. During the onboarding of a new client, the service provider spends a lot of time correcting past sins as well as ensuring its own systems are set up and working properly. Often a service provider doesn’t turn a profit in the first few months after taking on a new client. With the Seceon aiXDR, setup and deployment is simple. To start deploying the Seceon aiXDR Platform we chose to host the Analytics & Policy Engine (APE), a required Seceon aiXDR component, with Seceon, so they took care of the deployment of this component. A bonus is that they also take care of updating it in the future! To deploy the Seceon XDR endpoint across thousands of devices we published a PowerShell script to our Remote Management and Monitoring platform (RMM), which took care of the endpoint installation. For the first few deployments of the Seceon aiXDR platform our Sr. Team members took the lead and used the Microsoft Windows Step Recorder tool as we set up infrastructure. Using the Windows Step Recorder helped us quickly generate internal work instructions for additional tasks like the Seceon aiXDR Collection and Control Engine (CCE) deployment. We uploaded the work instructions to SharePoint so they could be easily modified as needed but, more importantly, could be read and followed by our newest team members. One month we onboarded 60 Clients!
Screenshot featuring the view of MSSP Dashboard with Different Client Tenant View
2. Using the API included with Seceon aiXDR, we were able to push Seceon OTM platform alerts to our ticketing system. This allowed us to use our ticketing system’s reporting and workflows. It’s important to note that most ticketing systems can create tickets from emails received, and the aiXDR platform can send alerts as emails. But we chose to leverage the API because we could combine the aiXDR platform data with data from our RMM before we created a service ticket. The end result was quicker time to resolution for all service tickets generated by the aiXDR platform.
Image Featuring how easily it can be configured with Seceon aiXDR GUI.
3. We regularly used the Seceon aiXDR platform to verify alerts from other security layers in our security stack, eliminating time wasted when working on false positives.
Screenshot featuring the Critical Alert Notification is always on top priority.
4. Alerts from the Seceon aiXDR platform raised to Security Operation Analysts (SOC) include MITRE technique IDs. Our standard operating procedure included the review of technique IDs. If you’re not familiar with technique IDs, you should really check them out. MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ID and corresponding detailed knowledge base articles help an analyst quickly and accurately assess threat indicators, including identifying potential zero-day threats. Also, talking about technique IDs helps SOC Analysts feel really cool at the lunch table!
Screenshot Featuring MITRE Attack Framework from aiXDR GUI
5. Updates to core Seceon aiXDR components can be automated or, if you want a more controlled approach, updates can be pushed from the platform’s web portal by clicking a button. We chose to push updates with the Portal’s magic button so we had more control as to when to test our use-cases. In either case Seceon does the heavy lifting of updates, making the process quick and painless.
Screenshot Featuring (i) Push Button Remediation and (ii) Auto remediation
Randy is a veteran of more than 20 years in the fields of Technology development, Technology Support and Cyber Security. Prior to Seceon, Randy spent the last 7 years working as the Chief Technology Officer, where he played a key role in building the business into a nationally recognized Managed Services Provider. Randy has also held key technology-focused roles in small, mid and large market firms dating back to the year 2000. At Seceon, Randy provides seasoned leadership, oversees Technology Solutions and is using his wide range of experience to drive both internal and external successes.