Managed SOC & MDR, answered.
The questions banks, schools and IT teams ask us most — about how Hello SOC works, what it covers, and where your data lives.
- What is a managed SOC?
- A managed SOC (Security Operations Center) is an outsourced team and platform that continuously monitors your network and security logs, detects threats, triages alerts, and coordinates response — so you get 24×7 coverage without hiring and rostering your own analyst team. Hello SOC delivers this as one product: detection, AI triage, and response automation in a single dashboard.
- What is the difference between MDR, SIEM and a managed SOC?
- A SIEM is the software that collects and searches logs — it gives you a search box, not outcomes. MDR (Managed Detection and Response) adds a service layer that detects and responds to threats on your behalf. A managed SOC is the full operation — people, process and platform — running that MDR around the clock. Hello SOC ships pre-built detection, AI triage and response in one product, so you operate a SOC instead of assembling a SIEM, a ticketing tool and a separate SOAR.
- How quickly can Hello SOC be up and running?
- Detection is live on day one. A lightweight edge collector ships your FortiGate, Linux, web and SNMP telemetry over an mTLS-secured gateway, and pre-built rules start firing immediately. You receive your first weekly digest within a week, and a signed monthly compliance report within the first month.
- Which firewalls and log sources does Hello SOC support?
- Today Hello SOC ingests FortiGate (FortiOS) syslog, Linux auth and mail logs, Nginx and Apache web logs, and SNMP metrics. Automated response (block-IP) runs against FortiOS now, with Sophos and Palo Alto adapters and Microsoft 365 / Google Workspace ingest on the 2026 roadmap.
- Where is my data stored, and is it compliant with Indian data law?
- By default your logs are stored in the Mumbai region, with EU, US or UAE residency available on request. Each customer gets a dedicated, isolated data store with encryption in transit and at rest. Hello SOC is built to be DPDP Act 2023 and GDPR aware from day one, and supports CERT-In-formatted incident reporting.
- Does Hello SOC help with RBI, CERT-In and DORA compliance?
- Yes. Hello SOC maps directly to the RBI Cyber Resilience Framework for banks — continuous surveillance, logging and monitoring, incident response and reporting — and produces CERT-In-formatted incident notifications plus signed monthly audit reports. The same evidence supports DORA, NIS2, GLBA and FFIEC requirements for customers operating across the EU, UK and US.
- Do I still need my own security team?
- Hello SOC removes the need to run a three-shift analyst rotation, but it is designed to work with your existing IT and security staff. It handles detection, triage and proposed response; your team approves response actions and owns enforcement controls such as MFA and endpoint security (EDR), which sit outside the SOC.
- How does pricing work?
- Plans are sized by data volume and retention, not by device count — so adding firewalls or branches does not automatically change your bill. There are three tiers (Core, Complete, Enterprise) with plan-driven retention and per-customer overrides. See the pricing page for current bands, or request a sizing during a 30-minute demo.
- Can I try it on my own logs first?
- Yes. Send 24 hours of FortiGate syslog from any one device and, within two business days, Hello SOC returns a written analysis — what we would alert on, the incidents we would roll up, and the response actions we would propose — for your environment, your IPs and your traffic pattern. It is free and carries no commitment.
Still have a question?
Send us the specific line item — a compliance checklist row, a log source, a sizing — and we’ll reply with exactly what we ship and what we don’t.