Advanced Cyber Consultancy
Structured security assessments, governance design, and incident readiness planning. Aligned to NCSC CAF, NIST CSF 2.0, CIS Controls v8, NIS2, and DORA.
Cyber security across the full lifecycle
Softcat works with over 10,000 customers. Those relationships create a deep understanding of each organisation's environment, risk profile, and priorities. Cyber security services build on that foundation.
Our Cyber Services
Four connected services covering assessment, prevention, detection and response, and active incident handling. Each works independently. Together they cover the full lifecycle.
Cyber services in numbers
Deep customer relationships backed by verified cyber security credentials and operational capability.
Customers
Existing relationships that create visibility
Technology relationships give Softcat deep understanding of each customer's environment, risk profile, and priorities.
analyst capacity
SOC analysts never run at full allocation
Analysts operate at 60% capacity. That headroom means availability for priority incidents without queue delays.
response SLA
Microsoft-verified detection and response time
Verified benchmarks for time-to-detect and time-to-respond. A requirement of Microsoft MXDR verification.
How we work
Softcat Cyber Services covers the full lifecycle. Advisory Services set direction through assessments against recognised frameworks. Architecture and Implementation Services translate findings into a designed and deployed estate.
Support Services keep the preventive platform layer healthy. Managed Services run 24/7 detection, investigation, and active response.
This is not a rigid sequence. Organisations enter at any point. The model works because each service is valuable on its own, but stronger in combination.
Accreditations
Credentials confirmed by independent bodies and vendor programmes.
Microsoft MXDR Verified
Verified by Microsoft engineering in October 2024. Validated across Sentinel, Defender XDR, and Entra ID.
MISA Membership
Microsoft Intelligent Security Association member since April 2024. Integrated with the Microsoft security ecosystem.
NHS SBS Framework
Approved supplier across all three lots of the NHS Shared Business Services Cyber Security Framework. One of only seven approved providers.
Four Microsoft Security Designations
Cloud Security, Identity and Access Management, Data Security, and Threat Protection.
Organisations we protect
Real outcomes from real engagements. See how organisations across the UK have strengthened their security posture with Softcat.
Guide?
Read our guide on Cyber Management services to find out...
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Technology partnerships
Softcat works with security vendors across the market. Recommendations are based on what fits the environment, not a restricted product set.
Why Softcat
Cyber and the wider technology business in one relationship.
Pure-play managed security providers detect and respond. When the work extends beyond the SOC, the relationship reaches its limit. Softcat operates the SOC and the wider technology business behind it. One relationship covers assurance, platform operations, threat detection, incident response, and the supply chain that supports recovery.
Frequently asked questions
Common questions about Softcat Cyber Services, from managed detection and response through to advisory assessments and accreditations.
What is MXDR and how is it different from traditional managed security?
MXDR stands for Managed Extended Detection and Response. Traditional managed security forwards alerts for internal teams to investigate. MXDR analysts detect, investigate, and take containment actions across the environment. Softcat's MXDR is Microsoft-verified.
What security frameworks do Softcat assessments cover?
Assessments align to NCSC CAF, NIST CSF 2.0, CIS Controls v8, NIS2, DORA, and Cyber Essentials Plus. Each produces a maturity score, gap analysis, and prioritised roadmap. The Security Risk and Compliance Assessment and the Security Controls Assessment are the lead offers.
What happens during a security incident?
Softcat provides active incident response during live security events, covering forensic investigation, containment, and recovery. When incidents demand infrastructure rebuild, the wider Softcat technology business mobilises hardware and restores platforms alongside the security team.
Do we need to use all of Softcat's cyber services together?
No. Each service works independently. Some organisations start with an assessment and progress to managed services. Others begin with Cyber Defence & Response. The services are stronger in combination, but the entry point depends on priorities.
Does Softcat have its own Security Operations Centre?
Yes. Softcat operates a UK-based SOC staffed by specialist security analysts. The SOC provides 24/7 threat detection, investigation, and response. Analysts operate at 60% capacity to ensure availability for priority incidents.
Can Softcat help if we already use Microsoft E5 but have not activated the security features?
This is a common starting point. Many organisations have paid for Sentinel, Defender XDR, and Entra ID through E5 licensing but lack the skills to configure and run them. Softcat's MXDR activates and operates these tools as a managed service.
How does Softcat differ from specialist cyber security firms?
Pure-play managed security providers detect and respond. When the work extends beyond the SOC, the relationship reaches its limit. Softcat operates the SOC and the wider technology business behind it. That means a single relationship for assurance, platform operations, threat detection, incident response, and the supply chain that supports recovery.
What accreditations does Softcat hold for cyber security?
Softcat holds Microsoft-verified MXDR status (October 2024), MISA membership (since April 2024), and four Microsoft security designations: Cloud Security, Identity and Access Management, Data Security, and Threat Protection. Softcat is also an NHS SBS Cyber Security Framework supplier across all three lots, one of only seven approved providers.
