Frequent Questions

RocketCyber is a managed SOC platform offered as a Managed SOC Service detecting malcious activity across Endpoints, Network and Cloud attack pillars.
The RocketCyber Managed SOC Platform includes a built in app store so MSPs can enable purpose-built detection apps of interest. Some of our featured apps include Breach Detection, Threat Hunting, Event Log Monitoring, Office 365 threat detection, Firewall Monitoring and more. Put simply, RocketCyber enables MSPs to deliver billable monthly cyber security services to small-medium businesses.

Threat hunting is the operation of proactively seeking cyber-threats that go undetected in a network. RocketCyber automatically hunts for malicious actors in your network that evade defenses like firewalls and antivirus systems. Once a malicious actor has established a foothold and persistence on a computer, many organizations lack the advanced detection capabilities to seek and deter the advanced persistent threat from residing on the network. This is why threat hunting is an essential component of any organization’s SOC -— security operation center and defense strategy.

All RocketCyber subscriptions include hunting capabilities via the Advanced Threat Hunt app and the automated threat intelligence hunt feeds. The current 17 hunt test methodologies supported are:

  • Browser visit
  • DNS Cache Entry
  • Driver File Hash
  • Driver File Name
  • File Hash
  • File Name
  • Event in log source
  • Event in log category
  • Event ID in log
  • Event type in log
  • Service state
  • User account
  • Network connection
  • Process Hash
  • Process Name
  • Registry Key
  • YARA rules

After creating a New Customer, a wizard is presented for deployment options. Alternatively, you can navigate the Customers tab, and select the deployment link next to the customer's name.
RocketCyber Windows deployment options include a native GUI installer, PowerShell copy/paste script, PowerShell downloadable file, and a number of popular RMM-ready scripts, such as Kaseya, Datto, SolarWinds, ConnectWise, Syncro, Ninja and more. For macOS and Linux, a curl script is available.

When RocketCyber detects malicious and/or suspicious findings, incident tickets are delivered to your MSP's ticketing system.
Our current notification options include a native SMTP email alert configuration or alternatively through our API integrations with Kaseya, Autotask, Connectwise or Syncro PSAs.

When an attacker gains a foothold on the network, Tactics are defined as the tactical stage, also known as the goal of the attacker. Techniques are defined as the technical operation carried out in order to obtain the goal.
Example Tactic - Establish persistence on a windows computer. While there are numerous techniques in order to accomplish this goal, an example technique - Adding entries to the run keys in the registry or startup folder, result in an attacker maintaining their precense under the context of the user in addition to obtaining the same level of access permissions.

Politely put, the majority of almost every breach victim over recent times had such cyber defenses in place also.
Breach Detection was developed specifically to detect intruders who have already evaded such firewalls and antivirus systems. It is equally important to reduce the 'dwell time' when an intruder does gain access to the network and deter their activity before the last tactical goal has been accomplished, which in most scenarios is the theft of data.

RocketCyber collects syslog data and then pasrses the relevant information needed to monitor for malicious activity. Most firewall vendors support the creation/forwarding of syslog data to the RocketCyber collector. If you have a firewall vendor that does not support syslog, contact your representative to determine an alternitive method such as a RESTful API.
The firewall vendors we continuously test in our labs are:

  • Cisco Meraki
  • Cisco ASA
  • Cisco Firepower
  • Palo Alto
  • SonicWall
  • Untangle
  • CheckPoint
  • Sophos
  • Fortinet
  • WatchGuard
  • pfSense
  • Barracuda
  • Ubiquiti
  • Mikrotik
  • Zyxel

Supported operating systems

  • Windows 8.1 / Server 2012 R2 (32-bit / 64-bit)
  • Windows 10 / Server 2016 / 2019 (32-bit / 64-bit)
  • Windows 11 / Server 2022 (32-bit / 64-bit)
  • Centos 7 and greater
  • Ubuntu 18.0 and greater
  • Red Hat 8 and 9
  • AWS Linux version 2.0
  • macOS Catalina 10.15
  • macOS Big Sur 11.x
  • macOS Monterey 12.x
  • macOS Ventura 13.x

RocketCyber offers a full 21-day trial with all features for the Managed SOC. You can monitor unlimited endpoints, firewalls and Office 365 users. Add as many customers as you desire. When the trial expires, you can then subscribe to the monthly SOC subscription.


Start a free trial today!

All development is performed in the U.S. and located adjacent to our SOC team in Dallas, Texas. We also have a dedicated SOC team located in the EU to stay GDPR- compliant for customers as well.

Popular Question

What attack pillars does RocketCyber provide visibility into?

  • Endpoint threats
  • Network threats
  • Cloud threats

Get Advanced Threat Protection today with RocketCyber.

Gain visibility into Endpoint, Network and Cloud attack pillars.