QMasters Tel Aviv Security Operations Center

MANAGED CYBER SECURITY SERVICES

StrongHold MCSS.

Your Extended Security Team. Built on Jira. Powered by AI.

MCSS is a fully integrated managed security service operated by 16 SOC analysts in Tel Aviv. Fixed price. No EPS overage. 1-hour TTD. The customer portal is your real-time view into every alert, investigation, and response action.

0
SOC analysts
0+
Customers
0 hour
TTD SLA
0+
IOCs daily

WHAT WE DELIVER

What's included. From day one.

24/7 SOC

16 analysts across Tier 1, 2, 3 — staffed 24×7 in Tel Aviv.

AI-Powered Detection

Detection engineering that closes coverage gaps with AI + automation.

Customer Portal

Built on Jira — real-time visibility into every alert and ticket.

MobileSOC App

Your SOC, in your pocket. Respond from anywhere.

Threat Intelligence

DailyIOC: 250K+ verified indicators, refreshed every 3 hours.

Automation Workflows

1,000+ playbooks operating across SIEM, EDR, identity.

Integrated Ecosystem

30+ best-of-breed partners. One operator. One bill.

Compliance Reporting

Weekly, monthly, and ad-hoc reports with embedded SLA metrics.

HOW IT WORKS

From discovery. To 24/7 coverage.

Assess

Full gap analysis. Log sources, detection coverage, and runbooks audited week one.

Integrate

Connect SIEM, EDR, identity, cloud — best-of-breed only. Custom rules tuned to you.

Protect

24/7 monitoring with 1-hour TTD and 15-min Critical SLA. Every alert validated by humans.

Evolve

Weekly tuning, monthly reviews, quarterly threat-hunt campaigns. Coverage compounds.

AI-POWERED DETECTION ENGINEERING

Seven dimensions. One detection fabric.

AI accelerates our detection engineers — humans sign every Critical. Coverage spans seven dimensions of the modern attack surface.

DIMENSION 01 · SIEM

AI-assisted authoring of QRadar/Splunk/Sentinel content tuned to your asset and identity model.

DIMENSION 02 · EDR

Custom CrowdStrike & Carbon Black detections, including IOA logic and behavioral patterns.

DIMENSION 03 · Identity

ITDR coverage across Entra ID/Okta — token theft, session hijack, OAuth grant abuse.

DIMENSION 04 · Cloud

AWS/Azure/GCP runtime + control-plane detections, CSPM drift, and IAM lateral-movement patterns.

DIMENSION 05 · Email

Phishing, BEC, malicious-link and attachment detections aligned to your Proofpoint/M365 stack.

DIMENSION 06 · Network

NDR signals (Vectra/Corelight/Suricata) correlated with SIEM and EDR for kill-chain assembly.

DIMENSION 07 · OT / IoT

ARMIS-driven asset visibility, ICS protocol decoding, and OT-specific behavioral baselines.

MOBILESOC · YOUR SOC, IN YOUR POCKET

Approve. Reject. Escalate. From your phone.

The MobileSOC app gives security leadership full investigation visibility from iOS or Android — every Critical, every analyst comment, every containment action. Approve a token revocation in the elevator. Sign off on isolation from the airport. No VPN, no laptop, no excuses.

  • iOS + Android push for every Critical
  • One-tap approve / reject / escalate
  • Full investigation timeline in-app
  • Biometric + SSO sign-in
MobileSOC · Live
CRIT
BloodHound enum · desktop5
HIGH
Token reuse · m.cohen@acme
MED
DLP · 14MB upload to drive
LOW
Failed MFA · ofira@acme
Approve
Reject

THE 8 KEY PRINCIPLES

What "managed" actually means. To us.

Eight non-negotiables every MCSS customer gets — by contract.

Human Intelligence Led

16 SOC analysts. Tier 1, 2, 3. Validated alerts only.

AI-Powered Detection Engineering

AI-augmented rule authoring across 7 dimensions: SIEM, EDR, identity, cloud, email, network, OT.

Built on Jira Customer Portal

Real-time visibility into every alert, ticket, and response action.

Best-of-Breed Ecosystem

30+ vendors orchestrated by one operator. One bill. One throat to choke.

MobileSOC App

Your SOC, in your pocket. Respond from anywhere.

Cyber Threat Intelligence (DailyIOC)

250K+ verified indicators, refreshed every 3 hours.

Automation Workflows

1,000+ playbooks across SIEM, EDR, identity, cloud.

Compliance Reporting

Audit-grade reports with SLA metrics and evidence.

CUSTOMER PORTAL

Built on Jira. Real-time. Real visibility.

The same ticketing system your engineers already know. Every alert, every action, every response — visible to your team in real time.

  • Live alert and ticket dashboard
  • Per-incident timeline with analyst commentary
  • SLA tracking with response and resolution metrics
  • Runbook and playbook library access
  • Weekly + monthly security reports
  • Mobile app integration (iOS and Android)
QMasters Portal · MCSS · Acme CorpLiveOPEN ALERTS12RESOLVED 24H47MTTR2:48CRITEDR · BloodHound activity · desktop5InvestigatingCRITIDP · Impossible travel · usr.platineInvestigatingWARNCloud · IAM PrivEsc detected · prod-awsInvestigatingWARNDLP · Sensitive upload · u.morganInvestigatingOKSIEM · Detection rule deployed · 2026-MAYClosed
Illustrative · Real customer data is not shown

12 ADDITIONAL MANAGED SERVICES

Specialist services. Bundled in.

Beyond the 24/7 SOC, every MCSS contract includes access to specialized practices.

Vulnerability Management
Threat Hunting Campaigns
Cloud Posture Reviews
Incident Response Retainers
Tabletop Exercises
Red Team Engagements
Detection Content Engineering
Log Source Hygiene Reviews
MITRE ATT&CK Coverage Scoring
Compliance Audit Support
Security Awareness Training
Supplier Risk Assessment

LIVE OPERATIONS

What 24/7 looks like. Right now.

DATA INGESTED
4.00 TB
ASSETS MONITORED
30K
SLA
15 Min
AUTOMATION WORKFLOWS
1,000
RESOLVED
847
CRITICAL
0
MTTR
3:12
ANALYSTS
4
PRODUCT SCREENS

The product. As our customers see it.

Mobile SOC app
Mobile SOC app
Customer portal — overview
Customer portal — overview
Portal — incidents
Portal — incidents
Portal — reports
Portal — reports

MDR PACKAGES

Three packages. No EPS overage.

MDR · SIEM-Standard

Foundation MDR for an existing SIEM

  • 24/7 SOC monitoring on your existing SIEM
  • Tier 1 + Tier 2 validated alerting
  • 1-hour TTD SLA, 15+ min Critical SLA
  • Customer Portal access (Jira)
  • Monthly reporting + quarterly review

MDR · EDR-Extended

POPULAR

Endpoint + Identity, with active containment

  • Everything in SIEM-Standard
  • Managed EDR (CrowdStrike Falcon Complete pattern)
  • Identity threat detection & response (ITDR)
  • Cross-stack correlation + active containment
  • SOAR playbook automation included
  • Weekly detection-engineering tuning

MDR · SIEM-SOC Premium

White-glove. Full-stack. Co-managed.

  • Everything in EDR-Extended
  • Co-managed QRadar / Splunk / Sentinel
  • Cloud (CSPM/CWPP) + Email + Network detection
  • Quarterly threat-hunt campaigns
  • Dedicated TAM + named Tier 3 lead
  • Custom KPI dashboard + executive QBR
OUR DIFFERENTIATOR

Human Intelligence-Led SOC

Everybody talks AI. We talk HI.

We combine the speed of automation with the judgment of experienced analysts. Every critical decision has a human behind it — an analyst who understands your environment, your crown jewels, and your risk tolerance.

FAQ

Questions. Answered straight.

  • 24/7 SOC monitoring, MDR, incident response, detection engineering, threat hunting, CTI (DailyIOC), and vulnerability management — operated by 16 analysts in Tel Aviv. Fixed price, no EPS or APM overage.

Explore more on our homepage page, see how our managed detection and response works, or browse support center.

READY WHEN YOU ARE

Ready for Real Detection & Response?

Book a 30-minute working session with a SOC engineer. Bring your alerts.

F-003 · CONSULTATION

Book 30 minutes. No slides.

A real working session with a SOC engineer — bring your alerts.