Attacks from hackers are becoming more and more sophisticated each year. This leaves companies with increased costs, due to system crashes, loss of confidential data, bad publicity, customer uncertainty or lost market share.
The most effective way to know when you have been attacked is to use a SIEM (Security Information and Event Management) solution. Central log collection has always been a good practice, but automating threat detection and making the events readily available is a must-have. SIEM is critical for identifying known and unknown threats based on data collected from logs.
Security Intelligence is the cornerstone of any SIEM solution platform. It’s important to be able to configure, manage, and operate the essential security capabilities that no company should be without. Unifying the essential security capabilities within a single platform simplifies management and reduces complexity, allowing you to spend more time securing the network and less time learning, deploying and configuring tools.
We offer the following deliverables within this service:
When things get complicated, we will support you and provide direct access to the vendor support.
Hotline is available via email, phone and the customer portal.
Response time is defined by the SLA you attach to the agreement:
Analysis & Design
We have years of experience working with preventive security controls and understand how to build an optimized threat detection platform based on logs. Take advantage of our Professional Services team, which will support you with classic architectural tasks such as:
Deployments are always performed by combining best practices from the vendor with our own experience. Typically we can estimate deployments beforehand and deliver them at a fixed price.
We have the following deployment options available:
We deliver a fully managed service or an on-premise managed SIEM.
Secu Log Management Service
LMS is an add-on to our VMS service, and delivers a fully managed service.
Managed RSA Netwitness for Logs & Packets.
RSA Netwitness for Logs is unique when combined with Netwitness for Packets.
Read more here.
Tenable SecurityCenter CV is the tool for vulnerability management, but it also includes a Log Correlation Engine that comes with out-of-the-box correlation rules and threat intelligence.
Secu LMS is an extension to our VMS service, and is a fully managed and hosted SIEM service based on Tenable SecurityCenter CV.