Funding Circle

Date Posted:

21/02/2025

Client Name:

Funding Circle

Introduction

Funding Circle is the UK’s leading finance platform for SME borrowers. Established in the UK in 2010, Funding Circle has extended more than £13,6bn in credit to c.103,500 businesses. For SME borrowers, Funding Circle provides an unrivalled customer experience, delivered through its technology and data, coupled with a human touch. Its solutions continue to help customers access the funding they need to win. For institutional investors, Funding Circle provides access to an alternative asset class in an undeserved market, and delivers robust and attractive returns.

SEP2 has been a trusted provider of Managed Detection and Response (MDR) services for Funding Circle since September 2023. This case study sheds light on the early days of their partnership and how working with SEP2 has benefitted the company.

The need for a Managed Detection and Response service

In the modern cyber security landscape, it is vital for organisations to have the capacity to react to threats in a consistent and timely manner. To do this, Funding Circle welcomed the VP of Security and Infrastructure, Marc White, to implement an overall security strategy. Marc has nearly 30 years of experience in payments and financial services from a security standpoint and said, “I’ve seen the whole transition of physical servers under a desk, that became a comms room, that then went on to be a data centre and then the transition of the cloud. I’ve come along as part of the journey.”

Built on the core technology of Google SecOps, SEP2’s Wingman MDR is delivered as a service by SEP2’s UK-based 24/7/365 staffed SOC. Wingman MDR brings detection and response capabilities to organisations of all sizes and types.

When Marc joined Funding Circle, he encountered the usual challenges of “disparate tooling and limited visibility.”

“Often the term used is ‘you can’t see the wood for the trees’. Most organisations implement security tooling tools and you’ve got different dashboards. The idea is you put them into a single place, and leverage expert resource such as the SEP2 SOC that actually understands that data and work with it on a daily basis. They can assess it case-by-case and escalate it back to us at Funding Circle only when necessary. And that whole process has been really, really smooth.”

Marc White, VP of Security and Infrastructure – Funding Circle

Finding SEP2

Marc had previously worked with Google Chronicle and was keen to find a trusted partner to deliver their technology. Google recommended SEP2 to him as a key partner within the UK, their endorsement a testament to SEP2’s exceptional capabilities and reputation in the industry.

Marc recalls that selecting SEP2 was an easy choice, as our values aligned with his own, “you want to work with an organisation that’s got the same values, not just company values, but personal values. They’re people who have seen how things have been done badly – with some providers just wanting to sell you the next shiny thing. SEP2 completely flipped that on its head. It was just refreshing to be able to have a conversation and not be force-fed a silver bullet.”

His initial exchange with SEP2, coupled with the establishment of a genuine partnership based on shared values, made the decision to work with SEP2 “a bit of a no-brainer”.

Working with SEP2

Funding Circle found the onboarding process with SEP2 to be smooth and uncomplicated. Marc recognised that the most significant challenge was internal, stemming from the complex processes and systems that were in place at Funding Circle. The data was dispersed across various sections of their security stack, presenting a challenge. He required a solution that could consolidate this data into a single, accessible location. The integration of Wingman MDR was made straightforward by the combined efforts of SEP2’s SOC experts and Google, resulting in a seamless process and positive experience for the Funding Circle team.

Looking to the future

Funding Circle’s collaboration with SEP2 has strengthened their security infrastructure, streamlined their tools and made their business more secure. As Funding Circle continues to grow, their partnership with SEP2 will remain a cornerstone of their commitment to safeguarding the businesses they serve.

Related Case Studies

Want to read about other businesses that we have helped with our services and solutions? Click here to view more case studies or click one of the related case studies below.

GTMaritime

article date:

24/04/2025

The onboarding process with GTMaritime was collaborative and efficient. SEP2 rebuilt their gateways from the ground up, ensuring a robust and stable foundation for their email security operations.

Eagle Eye

article date:

15/04/2025

When Eagle Eye migrated to Google Cloud Platform, they discovered that their legacy security measures were inadequate for the evolving, cloud-native environment. Seeking a solution, Eagle Eye turned to Google for advice on what ‘good’ security should look like, given their tech roadmap and strategic vision. Google recommended a set of tools and partners, including SEP2.

NHS Trust

article date:

24/03/2025

One of the Trust’s NHS partners uses Check Point firewalls and were highly complementary about SEP2’s services. On their recommendation, the NHS Trust got in touch with SEP2, initially recruiting them to install a Quantum 3600 Gateway to support their move to a new office. Utilising a breakout firewall at an office remote from the main site allowed the Trust to save on bandwidth for the hospital.

Why Choose Us

Our values inspire and guide us towards cyber security excellence

SEP2 are cyber-security specialists whose success is built on five values:

Honesty

We have always worked hard to ensure that we are offering an honest and transparent set of solutions to our clients. This means always prioritising the right solutions to our customers.

Committed to Good

SEP2 is an honourable organisation guided by a strong moral compass. We live this value with authenticity; it is not about simply ticking a social responsibility box. We understand that we are on the side of ‘good’ in a continuing war against cyber criminality, and that we have a purpose and duty to perform.

Passion

No matter who you talk to at SEP2, you will find someone truly passionate about the sector that they are working in. We are fanatical about the sector – working in cyber security really means something to each and every one of us.

Tech Driven

Cyber Security is by nature a tech-heavy sector. It is fast-moving and complex. This is why we only partner with vendors that truly understand the sector and have solutions that are tried and tested. We fundamentally believe in our portfolio of vendor solutions.

People Powered

We understand that the tech alone is not going to provide you with the security you need. It is our job to know these solutions inside-out to ensure they are right for your requirements. We understand that we need to listen and be proactive. We live our ‘people powered’ value and have a proud history of investing in apprentices to help us grow.

Every SEP2 colleague lives these values every day. We have a culture of passionate people who work as a team that will never leave a job incomplete.

Tech Driven. People Powered.

Protect your business today

Get in touch to find out how we can secure your organisation against all forms of cyber security attacks. For monthly expert insights delivered straight to your inbox, sign up to ‘Wingman Insights’, written by our CEO Paul Starr, made for tech-driven people like you.

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
_lfa	2 years	This cookie is set by the provider Leadfeeder to identify the IP address of devices visiting the website, in order to retarget multiple users routing from the same IP address.
AWSALBCORS	7 days	This cookie is managed by Amazon Web Services and is used for load balancing.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
JSESSIONID	session	The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
aka_debug	session	Vimeo sets this cookie which is essential for the website to play video functionality.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_calendly_session	21 days	Calendly, a Meeting Schedulers, sets this cookie to allow the meeting scheduler to function within the website and to add events into the visitor’s calendar.
AWSALB	7 days	AWSALB is an application load balancer cookie set by Amazon Web Services to map the session to the target.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_LSE9RP433S	2 years	This cookie is installed by Google Analytics.
_gat_UA-89994160-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
mf_user	3 months	Mouseflow sets this cookie to identify whether a visitor is new or returning.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Security Intelligence Services

Technical Services

Security Audit Services

Funding Circle

Date Posted:

21/02/2025

Client Name:

Funding Circle

Tags:

Introduction

The need for a Managed Detection and Response service

Finding SEP2

Working with SEP2

Looking to the future

Related Case Studies

GTMaritime

article date:

24/04/2025

READ MORE

Eagle Eye

article date:

15/04/2025

READ MORE

NHS Trust

article date:

24/03/2025

READ MORE

Why Choose Us

Honesty

Committed to Good

Passion

Tech Driven

People Powered

Tech Driven. People Powered.

Protect your business today

Sign Up

join our newsletter today

Kieron

Central Response Team Manager

Connect with Kieron on LinkedIn