How Does Facet Technologies Protect Your Business? Our Security Stack, Explained.

Endpoint protection is software installed on every workstation, laptop, and server that detects and stops malicious activity. Facet deploys SentinelOne, a Gartner Magic Quadrant Leader for Endpoint Protection Platforms for five consecutive years.

SentinelOne uses AI-powered behavioral analysis instead of relying on traditional signature-based antivirus. A signature-based antivirus is a legacy approach that can only detect threats it already knows about. SentinelOne’s approach means it can detect and stop zero-day threats, fileless malware, and ransomware variants that have never been seen before — because it watches what software does, not just what it looks like.

Key capabilities Facet clients receive through SentinelOne include automated threat detection and response without waiting for a human analyst, ransomware rollback that can restore encrypted files to their pre-attack state, and Storyline technology that maps the full timeline of an attack for root cause analysis. This technology runs across Windows, macOS, and Linux environments with consistent protection regardless of operating system.

A Security Operations Center, or SOC, is a team of cybersecurity analysts who monitor your network around the clock for signs of an active attack. Facet partners with Blackpoint Cyber for 24/7/365 SOC monitoring and managed detection and response (MDR).

Blackpoint Cyber was founded by former U.S. Department of Defense and Intelligence cybersecurity operators. Their SOC doesn’t just send alerts — it takes action. When Blackpoint detects a threat, their analysts isolate the compromised endpoint, contain the attack, and then call Facet’s team directly with a full debrief and recommended next steps. This is what the industry calls “true MDR” — managed detection and response, not just managed detection and notification.

Blackpoint’s published response metrics include an average containment time of 7 minutes for cloud-based incidents and 16 minutes for on-premises incidents. Their proprietary SNAP-Defense platform provides a 360-degree view of the network environment, combining endpoint telemetry, network visualization, and cloud monitoring to catch threats that siloed tools miss.

This is what separates Facet’s security from providers who install antivirus and call it protection. You have a trained team of security analysts watching your network at 2 AM on a Saturday — and they’re empowered to act, not just observe.

Email remains the primary attack vector for businesses. According to the 2025 Verizon DBIR, the human element was involved in 60% of breaches, and AI-generated phishing emails have doubled over the past two years.

Facet deploys Proofpoint email security — the same platform trusted by more than 85% of Fortune 100 companies. Proofpoint analyzes every inbound email using multi-layered detection that includes AI-driven behavioral analysis, URL sandboxing (detonating suspicious links in a safe environment before they reach your inbox), attachment scanning, and impersonation detection for business email compromise (BEC) attempts.

A business email compromise attack is a type of fraud where an attacker impersonates a trusted person — like a CEO or vendor — to trick an employee into transferring money or sharing sensitive information. The FBI’s Internet Crime Complaint Center reported that BEC scams resulted in more than $6.3 billion in losses in 2024 alone. Proofpoint’s detection engines are specifically designed to catch these attacks, even when the email contains no malicious link or attachment.

Zero trust is a security philosophy that assumes no user, device, or application should be automatically trusted — even if it’s already inside your network. Instead of a traditional model where anything inside the firewall is considered safe, zero trust verifies every access request based on identity, device health, and context.

Facet implements zero trust through multiple layers. Application allowlisting ensures only pre-approved software can run on your endpoints and servers. If ransomware, unauthorized tools, or unapproved scripts attempt to execute, they’re blocked by default — not because they were identified as malicious, but because they weren’t on the approved list. This “deny by default” approach dramatically reduces the attack surface.

Additionally, Facet deploys network-level zero trust controls that define which systems can communicate with each other, blocking unauthorized lateral movement. If an attacker compromises one device, these controls prevent them from moving through the rest of your network.

Facet offers zero trust options including both dedicated application control platforms and Fortinet’s built-in ZTNA capabilities, depending on the client’s environment and preferences. For organizations with a CTO or internal IT team that has specific requirements, Facet works collaboratively to design the right zero trust architecture.

Facet Technologies actively supports clients through HIPAA (healthcare data protection), CMMC (Department of Defense contractor requirements), and ISO 27001 (international information security management) compliance. These are the frameworks Facet’s team works with most frequently and knows deeply.

That said, Facet’s experience with Azure cloud architecture, network segmentation, and our compliance management platform means we have the capability and expertise to support nearly any framework a client needs — including PCI DSS, NIST Cybersecurity Framework, FedRAMP, and cyber insurance requirements. The underlying security controls overlap significantly across frameworks, and Facet’s engineering team has the cloud and infrastructure expertise to map those controls to whatever standard your industry requires.

Compliance consulting at Facet is a dedicated engagement — not a checkbox buried in a managed services contract. Facet’s compliance process includes gap analysis against the relevant framework, a remediation roadmap with prioritized action items, documentation support for audits, and ongoing monitoring to maintain compliance posture year-round.

This matters because compliance is not a one-time project. Regulations change, your environment changes, and auditors expect evidence of continuous effort — not a folder of documents pulled together the week before the audit.

No — and most IT providers who claim managed security services aren’t certified MSSPs either. A Managed Security Service Provider (MSSP) is a company whose primary business is dedicated security operations, typically with their own in-house SOC and SOC 2 Type II certification.

Facet Technologies is a managed IT services provider that delivers managed security services through a layered approach: enterprise-grade tools deployed and configured by our certified engineers, combined with 24/7 SOC monitoring through our partnership with Blackpoint Cyber — a firm built by former U.S. Department of Defense cybersecurity operators.

When a situation requires specialized incident response beyond our scope, we bring in dedicated security partners. This is the model that actually works for businesses with 20 to 250 employees — enterprise-grade protection without enterprise-grade complexity or cost. And we’d rather be transparent about how our security works than claim a designation we haven’t earned. That honesty is part of how we operate.