Introduction to RocketCyber

This article provides a high‑level introduction to RocketCyber, including the attack surfaces it monitors, the core capabilities of the platform, and the services included. It is intended for MSPs and IT administrators who are evaluating RocketCyber or are new to the platform.

What is RocketCyber?

RocketCyber is a cloud‑based cybersecurity platform designed to detect and respond to malicious activity that bypasses traditional security controls such as firewalls and antivirus software. The platform provides continuous monitoring and threat detection, helping organizations identify active threats across their environments and respond before damage occurs.

RocketCyber collects security data using lightweight agents and integrations, eliminating the need for on‑premises hardware.

Attack surfaces monitored by RocketCyber

RocketCyber provides 24/7 threat detection across three primary attack surfaces commonly targeted by adversaries:

  • Endpoint: RocketCyber monitors Windows, macOS, and Linux endpoints for suspicious and malicious activity. This includes analysis of event logs, user behavior, and anomalous device activity. The platform supports proactive threat hunting, intrusion detection, and integrations with third‑party endpoint detection and response (EDR) and antivirus solutions.

  • Network: Critical network components, including firewalls, DNS activity, intrusion detection systems (IDS), log data, and TCP/UDP network traffic, are monitored for security threats. Network telemetry helps identify lateral movement, command‑and‑control activity, and other indicators of compromise.

  • Cloud: RocketCyber continuously monitors Microsoft 365 and Microsoft Entra ID (formerly Azure AD) for suspicious authentication activity, malicious logins, and email‑based threats such as account compromise attempts.

Key platform capabilities

RocketCyber includes the following core capabilities:

  • Cloud‑based deployment: No dedicated hardware is required. Security data is collected through lightweight agents and supported integrations.

  • Security stack integrations: RocketCyber integrates with popular PSA and RMM tools to support ticketing, provisioning, and deployment workflows.

  • Threat triage and incident escalation: Detected threats are analyzed and escalated as security incidents when immediate attention is required. Incident records include contextual details, recommended remediation steps, and options to isolate affected assets.

  • Application‑based extensibility: A built‑in app store allows MSPs to enable security applications as needed. Available apps include Breach Detection, Event Log Monitoring, Office 365 threat detection, and Firewall Monitoring.

  • Compliance‑aligned operations: RocketCyber operates a certified and audited Security Operations Center (SOC) that meets SOC 2 and HIPAA requirements.

RocketCyber Managed SOC (MDR)

RocketCyber includes a Managed Security Operations Center (SOC) service that delivers managed detection and response (MDR) capabilities.

The Managed SOC is staffed by experienced security analysts who:

  • Proactively hunt for threats across monitored environments

  • Investigate and triage detected activity

  • Validate and escalate actionable threats

  • Work directly with customer teams to support remediation efforts

For more information about this service and its features, refer to the RocketCyber Managed SOC-Brochure.