Skip to main content
Tarbh Tech

Security Operations

Enterprise-grade security monitoring, threat detection, and incident response. Capabilities that expand tier by tier from COSAINT Cyber through to Strategic.

Get in Touch

What we do

Every COSAINT tier starts with the same enterprise-grade security foundation: Blackpoint Cyber for 24/7 SOC monitoring and Ironscales for email threat protection. We do not sell security as an add-on. It is the baseline.

From this foundation, each tier adds progressively deeper protection. Essentials adds Microsoft-native identity and email security (Entra P1, MDO P1). Managed adds endpoint hardening and device security (MDE P1, Defender for Cloud Apps, Intune). Complete upgrades to the full Microsoft Defender XDR suite. Strategic adds Purview compliance, Sentinel SIEM, and external attack surface management.

The layered approach means you are never paying for security you do not need, but you always have a clear upgrade path when your requirements grow. Every tool in the stack is configured, monitored, and maintained by our team – you get protection, not a dashboard to watch.

Security across our tiers

Each tier builds on the one before it. Security capabilities expand as you move up – no gaps, no overlap, clear value at every step.

1

COSAINT Cyber

EUR 35/user/mo

Security overlay on your existing M365

  • Blackpoint MDR (24/7 SOC) – human-led threat detection and response
  • Ironscales email protection – phishing, BEC, malicious attachments
  • SPF/DKIM/DMARC setup and monitoring
  • Security alert notifications to nominated contacts
  • Discovery and baseline gap report

You keep your own M365 licences and IT team. We add enterprise-grade security monitoring and email protection as a lightweight overlay.
2

COSAINT Essentials

EUR 60/user/mo

Identity and email security for cloud-first organisations

  • MDO P1 – Safe Links, Safe Attachments, anti-phishing policies
  • Entra P1 Conditional Access – MFA, location-based, risk-based sign-in policies
  • SaaS Backup – M365 mailbox, OneDrive, and SharePoint protection

Adds Microsoft-native identity and email protection layers on top of Cyber. Cloud-only, no device management.
3

COSAINT Managed

EUR 85/user/mo

Endpoint hardening and device security

  • MDE P1 – endpoint hardening, ASR rules, vulnerability management
  • Defender for Cloud Apps – shadow IT discovery, app permissions control
  • Intune device compliance policies (Windows + macOS)
  • 1Password Business – credential management across your organisation

Adds endpoint protection and device security to the stack. Every device your team uses is enrolled, hardened, and monitored.
4

COSAINT Complete

EUR 115/user/mo

Defender Suite with XDR and attack simulation

  • Defender Suite – MDE P2 (EDR), MDO P2 (advanced email), Entra P2/PIM (privileged identity)
  • Enhanced Defender for Cloud Apps – deeper shadow IT and OAuth app control
  • Attack Simulation Training – test your team with realistic phishing campaigns
  • Full end-user helpdesk with SLA-measured security incident escalation

Upgrades to the full Microsoft Defender XDR suite. Cross-domain threat correlation, automated investigation, and attack simulation training.
5

COSAINT Strategic

EUR 150/user/mo

Compliance, SIEM, and external attack surface management

  • Microsoft Purview Suite – DLP, Insider Risk Management, eDiscovery Premium, Audit Premium
  • Microsoft Sentinel – custom detection rules, threat hunting, anomaly detection
  • Defender EASM – continuous external attack surface mapping
  • Cyberday ISMS – ISO 27001, NIS2, GDPR compliance platform
  • vCISO advisory and board-level security reporting

Adds the full compliance and threat intelligence layer. Purview protects data. Sentinel hunts threats. EASM maps your external exposure. Cyberday manages your ISMS.

Key capabilities

24/7 SOC monitoring

Round-the-clock security operations centre via Blackpoint Cyber, detecting and responding to threats in real time. Included in every tier.

Endpoint detection and response

Microsoft Defender for Endpoint across all devices – from basic protection at Managed tier to full P2 EDR with automated investigation at Complete and above.

Email threat protection

Ironscales catches phishing and BEC at every tier. MDO P1 adds Safe Links and Attachments from Essentials. MDO P2 adds advanced anti-phishing from Complete.

Identity and access management

Entra ID with Conditional Access from Essentials. Privileged Identity Management (PIM) from Complete. Zero-trust identity controls that grow with your tier.

Data loss prevention

Microsoft Purview DLP at Strategic tier – policy-based protection for sensitive data across email, Teams, SharePoint, and endpoints. Insider Risk Management for behavioural anomalies.

Security incident triage

Every alert is investigated and triaged. Real threats are escalated and resolved. False positives are closed. You get clarity, not noise.

Monthly security reporting

Automated reports covering threat detections, incident resolutions, Secure Score trends, and compliance posture – delivered to your inbox from Essentials upward.

Security Operations FAQ

Is the SOC really 24/7?
Yes. Our SOC partner, Blackpoint Cyber, operates a 24/7/365 security operations centre staffed by human analysts. Critical threats are detected and responded to in real time, not queued for business hours. Every COSAINT tier includes this level of monitoring – from Cyber at EUR 35/user/month through to Strategic.
What happens when a threat is detected?
When Blackpoint detects a genuine threat, they take immediate containment action – isolating the affected endpoint or blocking the malicious process. Our team is notified simultaneously. You receive a full incident report including what happened, what was done, and any follow-up steps required.
What is the difference between Cyber and Essentials for security?
COSAINT Cyber provides Blackpoint SOC and Ironscales as a security overlay on your existing M365. COSAINT Essentials adds Microsoft-native protection: MDO P1 (Safe Links, Safe Attachments), Entra P1 (Conditional Access with MFA enforcement), and SaaS Backup. If you already have strong M365 configuration, Cyber may be enough. If you want us to harden your identity and email layer with Microsoft tools, Essentials is the step up.
When do I need Defender Suite (Complete tier)?
COSAINT Managed includes MDE P1 for endpoint hardening. COSAINT Complete upgrades to the full Defender Suite – MDE P2 (EDR with automated investigation), MDO P2 (advanced email protection), Entra P2 with PIM (privileged identity management), and enhanced Defender for Cloud Apps. If your organisation faces sophisticated threats, handles sensitive data, or needs cross-domain threat correlation, Complete is the right level.
Do you handle compliance reporting?
Every tier from Essentials upward includes automated monthly security posture reports covering Secure Score, threat detections, and incident summaries. For organisations with specific compliance needs (NIS2, ISO 27001, DORA), COSAINT Strategic includes the full Microsoft Purview suite, Cyberday ISMS platform, and vCISO advisory for comprehensive compliance management.

Technology Partners

The tools and platforms we use to deliver enterprise-grade security operations.

Microsoft Defender for Endpoint logo

Microsoft Defender for Endpoint

Enterprise endpoint detection & response across Windows, macOS, and Linux.

How we use it

Deployed on every managed device from COSAINT Essentials upward. We configure exclusion policies per environment and feed alerts into our SOC workflow.

Learn more
Microsoft Defender for Office 365 logo

Microsoft Defender for Office 365

Advanced email protection against phishing, BEC, and malicious attachments.

How we use it

Included in every tier. We tune Safe Links and Safe Attachments policies, configure impersonation protection, and review quarantine reports weekly.

Learn more
Microsoft Sentinel logo

Microsoft Sentinel

Cloud-native SIEM for security analytics, threat intelligence, and automated response.

How we use it

Deployed for COSAINT Strategic clients. We build custom analytics rules, automate incident triage with playbooks, and produce monthly threat intelligence reports.

Learn more
Blackpoint Cyber logo

Blackpoint Cyber

24/7 human-led MDR and SOC monitoring with rapid containment.

How we use it

Our primary MDR partner across all tiers. Their SOC analysts provide real-time threat hunting, containment, and escalation, giving every client 24/7 coverage.

Learn more
Ironscales logo

Ironscales

AI-powered email security with crowdsourced threat intelligence.

How we use it

Layered alongside Defender for Office 365 for defence-in-depth email protection. Catches threats that bypass native Microsoft filtering.

Learn more
Microsoft Entra ID logo

Microsoft Entra ID

Identity and access management with conditional access and MFA.

How we use it

We configure conditional access policies, enforce MFA, and manage identity protection across every client tenant.

Learn more

Ready to secure your business?

Every COSAINT tier starts with enterprise-grade security. Let us show you which level is right for your organisation.

Get in Touch

Or email us at [email protected]