Cyber Threat Management platform for partners

Providing world class service in defense against known and unknown threats

Cyber Threat Management platform for partners

Defense against known and unknown threats – From the perspective of a customer, retaining the services from a provider offers a great way to enhance security, but often results in losing the overview. MSS services are rapidly becoming a commodity. How do you offer an efficient and yet differentiated service to your customers or internal organization? Can you make the leap to providing asset based information that is more relevant to decision makers?


In our view, it is no longer tenable for organizations to assume they can cope with the current threat landscape by employing fragmented and static solutions. To stand a fighting chance against the more advanced threats, organizations need to build up (or outsource) operational capabilities in the four critical areas of intelligence, prevention, detection and response.

Organizations are increasingly finding that the traditional approach to security including ‘fire and largely forget’ solutions, is not working to address the current threat landscape. In addition to requiring ongoing security operations to manage risk, intelligence is taking on an increasingly larger role.

Platform for advanced cyber security operations

The intelligence-driven Cyber Threat Management platform is in essence the underlying technology for conducting advanced cyber security operations. The portal serves as the gateway to all underlying systems in the Cyber Threat Management environment. It will be used by our own analysts, or those of our partners (managed service deployment) or by end-customers (hybrid service deployment) to conduct cyber security operations on various levels. The portal also abstracts the technical and operational information for tactical and strategic management. The level determines the functionality, information form and abstraction. On the operational layer, analysts are presented with a threat analytics environment with integrated workflow from which they are able to see and investigate security incidents. The environment also enables analysts to do threat research and apply intelligence to the overall platform.

For larger organizations it is economically feasible to self-administer security operations. Additionally, operations may be be tailored to specifically address security concerns relevant to the organization specifically. Setting up such an operation requires a tremendous amount of expertise in terms of processes, knowledge and the technology required. Is there a way to set such operations up quickly?

As cyber security receives more attention, the market is rapidly being saturated with MSSPs offering services to fulfill demand. Many MSSPs are now using the same underlying technology and even operating model. Consequently, this poses a challenge to their ability to differentiate themselves from other parties. Additionally, as more customers are served, remaining efficient while still offering a differentiated service becomes a critical challenge.

Key benefits

  • Approved 01_DB
    Offer a world-class service

    Provide a world-class and differentiated threat detection service with unique flexibility in service delivery

  • 24-7_DB
    Real-time Situational Awareness

    Provide situational awareness through real-time visability on your clients digital domains

  • Forensic_DB
    Advanced Theat Detection

    Provide multiple layers of detection and a proven workflow for effective operations to mitigate cyber threats

  • Expand_DB
    Flexible service delivery

    The platform offers the possibility to outsource (more advanced) incident handling to Fox-IT when needed

  • Network_DB
    Open architecture 

    The CTMp platform also integrates with your other (existing) sources of information, including SIEMs and other sources

  • Change 02_DB
    Collaboration & Capability Development

    Offers partners a development path towards a hybrid or fully independent SOC

Why Fox-IT

Fox-IT understands that security is an ongoing process that should cover detection, prevention, response and intelligence. Our security specialists have a thorough understanding of these elements, gained from extensive operational experience in providing a wide variety of security services. We have a long history of incorporating threat intelligence in our way of working. This is the key characteristic throughout the services we deliver.

We track the most serious threat actors and gathering and analyze threat intelligence on a 24/7 basis. Fox-IT applies its knowledge of the latest cyber threats directly in its services and uses it to design, build and validate innovative solutions that protect against both regular and advanced persistent threats. The resulting solutions are then utilized in our ongoing operations, professional services and made available to our clients. This approach has led to the development of one of the most advanced Security Operation Centers in the world.

The Nuclear Security Summit in 2014 was a huge challenge for our city. Because of its diplomatic intensity, we knew there were chances of being targeted by sophisticated cyber adversaries. That’s why we needed the best experts in cyber security. For us it was self-evident to work with Fox-IT, our partner within The Hague Security Delta. The result? A successful and safe summit, thanks also to Fox-IT’s hard work in the background.

The Municipality of The Hague