Security operations · 3 MIN READ · TYLER FORNES · APR 20, 2021 · TAGS: Guide / SOC
Since 2020 and 2021 are apparently The Year (Years?) of Zoom, we’re scrapping the in-person things that once felt like must-dos, like booking a plane ticket to meet face-to-face with that new vendor you’re evaluating.
In pre-pandemic days, we invited prospects to physically come and visit our headquarters and Security Operations Center (SOC).
They got to tour our SOC, meet the team, chat with our execs and get a feel as to whether Expel was the right security partner for their org.
In fact, we used to even give prospects a pre-read before coming to see us in Herndon. It wasn’t the usual marketing fluff you’d expect to receive; instead, it was a laundry list of recommendations for how to pressure test a potential security provider during the visit.
Thanks to our new Zoom-first environment, we decided to create a new, completely virtual way to give prospects a strong sense of what working with Expel would really be like.
Enter Expel’s Virtual SOC tour.
What’s a virtual SOC tour?
Our virtual SOC tour is exactly what it sounds like – we’ve tried to recreate that former in-person experience to give our prospects a solid look at who we are and how we can support them.
This behind-the-scenes look gives you a chance to:
- Meet our experts, including our CEO and at least one of our lead SOC analysts
- Get an understanding of what transparency means to Expel
- Learn what to expect as an Expel customer and how we’d work with your team
- Ask all your burning questions
How to prepare for your virtual SOC tour
While there’s nothing you have to do to prepare – the process is truly as simple as signing up and showing up from behind your computer screen – we like to share a few tips that’ll help you get the most out of a virtual SOC tour.
We think these are useful things to do whether you’re meeting with us or another vendor.
First, preparation is key. Go into the conversation knowing when you want to buy, what you want to pay and which SOC “features” are must-haves for you and your team (24×7 monitoring? Phishing support? Something else?).
In addition to preparing and knowing what you want out of the meeting, come ready with a list of questions that’ll help you truly get an understanding for how the vendor operates.
Here are the things we think you should ask about as you’re “touring” with a potential new security partner.
5 questions to ask during your virtual SOC tour
#1: “Can I talk to a handful of your customers?”
You’ll get a higher fidelity picture of customer life by talking to customers. (Shocking, right?)
During a SOC tour, you’ll likely be shown what the provider wants you to see by default. What we at Expel want you to see may be different than our competitors, but it will still be what we want you to see. Don’t let a potential provider get away with that.
If possible, line up the customer chats before (or shortly after) the virtual SOC tour.
#2: “In the past 12 months, what third-party integrations have you done? Which features did you release and why?”
A vendor’s plans for the future are well and good … and necessary. However, consider asking about what they’ve built in the past.
You know how you ask about work history when you’re hiring someone? The same thing applies here, as past behavior is a great predictor of future action. Can the vendor answer questions about what they’ve built so far? Can they tell you why they made the decisions they did? This will tell you a lot in a short time.
#3: “How will you help take [annoying thing your team doesn’t enjoy] off my plate?”
Be selfish. There are other things you want to get done besides the mundane day-to-day of security operations.
What are the tasks you don’t want to have to worry about? What would make you and your security team happy? (Yes, you can say “security” and “happy” in the same sentence.)
#4: “Can I see some deliverables?”
You’ll definitely want to see some deliverables. These obviously have to be scrubbed, so asking in advance is important.
In addition to asking for deliverables, ask to see what it looks like when something goes wrong. What does that communication loop look like?
Because something will go wrong. Anyone who says otherwise is lying.
#5: “Can I set up some additional time to meet 1:1 with a shift analyst?”
Time to ask for something off script. During the virtual SOC tour, ask if you can spend a bit of time with a shift analyst – someone on the pointy end of the spear whose responsibility is providing service. If your request is met with anything but a resounding “yes,” that’s a warning sign.
When you talk to the analyst, have a conversation to find out what it’s really like to work at the provider. Do you leave the chat wanting to hire them? That’s telling.
Make your potential provider uncomfortable
Visiting your current … or would be … managed security provider can be a telling experience. It’s the best way to separate fact from fiction and see what you’re buying first hand.
In addition to the mechanical requirements – like seeing the SOC, getting the security program presentation and peeking at the roadmap – think about evaluating the truth in between the lines.
Want to join one of Expel’s virtual SOC tours? Send us a note.