Early detection is key to limiting impact. We monitor, analyze, and respond before threats escalate.
Sicra SOC provides organizations with continuous monitoring, analysis, and handling of security incidents. The service combines a leading Managed Detection and Response platform with Sicra’s security expertise and local advisory.
The result is improved visibility into the threat landscape, faster response, and a clear foundation for security governance.
The service is built as a flexible model with three levels, allowing you to choose the right balance between internal capacity and external support.
Sicra SOC is delivered in three levels, depending on how much support you need and how much you want to manage internally.
Basis: Provides a direct MDR delivery.
Active: Provides a local security partner and closer follow-up.
Total: Provides a 24/7 security organization as a service.
In short, the levels can be summarized as follows: With Basis, you start simple with strong detection. With Active, you gain local context and structured follow-up. With Total, you get a complete, operational security partner.
Regardless of level, you get a solid foundation for security monitoring.
The service includes continuous threat monitoring through analysis of logs and events from critical systems, enabling early detection of anomalies and suspicious activity.
It also includes detection and alerting, providing early identification of attacks and unwanted activity so incidents can be handled before they escalate.
When needed, incident handling is carried out with measures to limit damage and restore normal operations.
In addition, the service provides security insight through ongoing assessment of risk, vulnerabilities, and improvement measures.
The difference between the levels lies in how much responsibility Sicra takes for follow-up, analysis, and handling.
The levels describe how much responsibility and follow-up Sicra takes on, and how much you manage internally.
Basis provides simple access to advanced detection.
The service includes direct MDR delivery, log collection and analysis, alerting via portal and phone, and the option for automated response by agreement. You also get security reviews through SPiDR.
Suitable for organizations with in-house security expertise and the capacity to follow up on incidents themselves.
Active provides MDR with a local security partner.
You get a local contract partner (MSP+), a dedicated Technical Account Manager, and regular review of weekly reports. We participate in security meetings and translate technical findings into business risk. The service also includes SLA-based support during business hours.
Suitable for organizations that want better control, understanding, and prioritization without building a large internal security function.
Total provides an extended security organization.
You get full case integration between your organization and Sicra. Sicra handles incidents on your behalf, and the service includes 24/7 on-call support, proactive analysis in your organizational context, local coordination during major incidents, and support for recovery and regulatory requirements.
Suitable for organizations with high risk, regulatory requirements, or a need for continuous security capacity.
All levels are built on the same MDR platform, with the difference being the level of follow-up.
With Basis, you get detection and alerting. With Active, you gain better understanding and prioritization. With Total, you get incident handling and operational support.
The higher the level, the more responsibility is shifted from your internal team to Sicra.
Sicra SOC monitors and handles a wide range of security incidents, including ransomware and extortion attacks, compromised user accounts, data theft and data leakage, unauthorized access and lateral movement, as well as suspicious traffic and anomalies in the environment.
All incidents are assessed in the context of your organization, not just based on technical severity.
Sicra SOC strengthens your work with compliance requirements such as ISO/IEC 27001, NIS2, and DORA.
The service provides necessary traceability and logging, documentation for audits, and a structured approach to security follow-up.
Sicra SOC reduces risk through faster detection and response, limiting the impact of incidents. At the same time, it improves decision-making by placing security in the context of business and operations.
The service contributes to increased security maturity through continuous improvement of security practices. It also enables more efficient use of resources by reducing the need to build an in-house SOC, while maintaining the flexibility to scale as needed without major investments.
The choice of level depends on your internal capacity and need for support. If you have the capacity to follow up on alerts yourself, Basis is a natural starting point. If you need help understanding incidents and prioritizing actions, Active provides better support and structure. If you lack the capacity to handle incidents operationally, Total gives you a security partner that takes greater responsibility for follow-up and handling.
Sicra SOC combines global detection capabilities with local understanding of your business, risk profile, and regulatory requirements.
This means you do not just receive alerts, but also prioritization, context, and concrete recommendations that enable you to act quickly and effectively.
Together, this provides a stronger foundation for managing security incidents, reducing risk, and working more systematically with security over time.


