MSS Logo


Extend your team your way. Share specific security management workload, by your rules, with full transparency.

MSS Black Grid

Managed Security Services

Core security capabilities delivered your way, with full transparency. Our team manages the workload tasked to us following your rules, under your control, adjusted and scaled to meet your ever changing needs.  


No more alert throwing.

Emailed alerts can come from your IDS. Action-ready notifications result from prioritized, enhanced alert analytics, further enhanced by expert analysts, with action items hand delivered to in-house teams. 


Consistent, scalable, effective.

Incidents are managed  by dedicated analysts based on pre-approved workflows until resolved or escalation to a T1.   


Fuse intel into actions.

Active monitoring for imminent attacks, trending sentiment on social media, and monitoring for lost and stolen data is  a key part of any brand and risk management program activity. 

Threat & vuln management

Priority managed with exposure.

Identification of weakenesses in configurations, patching, and identified vulnerabilities must be throttled and prioritized based on IT infrastructure and application team capacity for remediation. 


Briefs, detail, trends to outcomes.

Reporting is more than basic counts and totals. Effective information exchange occurs when the “so what” factor is addressed. What is the outcome? Stay the course, or adjust. Tactical and executive options are available. 

Threat-driven workload is dynamic. Outcome oriented security operations teams must be able to scale based on the real-time threat landscape. Rook Managed Security Services facilitate immediate scaling based on your needs, based on your timing.

Preference may dictate some activities be managed by internal team members. Some may require other skills, or preferred routing for specific activities. Rook Managed Security Services allows you to control what workload gets routed to which analyst based on your preferences.

MSS v1 was uncontrolled alert-throwing. The Rook Managed Security Services offering has embedded control around alert mapping to threats, assets / attack/ and attackers, mapped to filtering, workflow, and policy decisions. Our team extends yours, your way, by your rules. Full control is maintained. The way it should be.

When co-sourced or in full-reliance, outcomes are key. To optimize outcomes requires a platform from which analysts perform tasks and workload, with full measurement. This allows metrics by activity, process, and outcome to be analyzed and adjusted to optimize performance vs. resources.

Security Operations as a System

From events through the entire security capability delivery system, continuity

must be maintained to the methods, metrics, patterns, and outcomes to determine how effective current

methods are vs. opportunities for optimization.   


MSS Solution Visual

“Don’t depend on the enemy not coming; depend rather on being ready for him”

Sun Tzu


Real security is dirty

Customer Testimonial

Westrock talks about working with Rook

News Article

10 Attributes of a NextGen Security Program

Rook’s Security Operations are recognized as a leader in Gartner’s Market Guide for Managed Detection and Response – May 2016

Let Us Prove It With a PoC

Preferred Time of Day:

Preferred Day: