SIEM-as-a-Service

We take the pain out of SIEM

 SIEM, based in the cloud, run by experts

SIEM-as-a-Service collects, filters and correlates security events from firewalls, IPS, servers, applications, and virtually any critical asset in your environment on a 24×7 basis. It uses the best SIEM tools in the industry to perform Security Information and Event Management for your environment.

  • Cloud based subscription model with no administration or maintenance
  • ArcSight advanced log management and SIEM technology
  • Out-of-the-box log collection from over 350 event sources
  • Cross-device correlation and modeling of critical assets
  • 24×7 automated alerting and notification
  • Web portal with easy-to-use dashboards and reports
  • Customised event thresholds, use cases, and correlation rules

From one simple-to-understand but detailed portal, you have complete visibility and intelligence on what is really happening in your environment, enriched by some of the most advanced security intelligence platforms available.

We take the pain out of SIEM, based in the cloud and ready for you.

Focus on knowledge, not data.

The ability to accurately prioritise and short list security incidents is critical to enabling an effective and rapid response. Our experts will work with your team to model critical assets and configure SIEM use cases and correlation rules to identify the security alerts that are most relevant. Your IT team will not be swamped with false positives, and can use their valuable time to resolve issues that really matter.

You get full visibility and access to security logs, with a summary of the state of your security. This includes:

  • Operational dashboards
  • Reports for security, management, and compliance
  • Full access to security event logs
  • Drill down analytics
  • Role-based and user-based views
  • Case management

Supplement your existing IT security

If your existing platforms are not up to the task of feeding data to a SIEM, you can easily augment your security with a range of services to help.

  • PERIMETER PROTECTION: with a SIEM compatible firewall with IDS/IPS as well as UTM from Palo-Alto Security
  • END-POINT PROTECTIONS: based on AV technology that can sit on every server or desktop in your organisation providing not only security services such as malware protections, file scanning, and Anti-Virus, but feeding security data up to the SIEM
  • CUSTOM DEVICES: As long as your device supports syslog, or file access to logs, we can integrate it into the onsite log management servers with custom collectors that translate the raw data into security events for the SIEM to act on.
  • EXISTING ARCSIGHT ENVIRONMENTS: SIEM-as-a-Service is 100% compatible with ArcSight, and existing environments are easily integrated into the cloud based SIEM-as-a-Service.

Easily works in your IT environment

SIEM-as-a-Service is compatible with many common environments in use today, and has the flexibility to be tailored to bespoke applications or systems that may be in place in your organisation.

PLATFORM

  • Cloud compatibility with AWS and Azure: detailed event and activity monitoring through the vendor tools.
  • Internal server environments, based on Windows or Linux.
  • Desktop monitoring capability.

DEVICES:

  • Fortinet, Cisco, Juniper, Palo Alto + more
  • IPS/IDS systems
  • Network devices
  • WiFi environments
  • Remote User/VPNs

SECURITY APPLICATIONS

  • Email platforms
  • Anti-Virus systems
  • Splunk/RSA plus other monitor systems
  • Traffic TAPS and monitors
  • Splunk Installations
  • Existing SIEM/security platforms
  • DNS/AD/user management systems

OPERATING SYSTEM and APPLICATIONS

  • Windows/Linux/HP/IBM
  • Web servers
  • Database platforms

Apply the best Technology to your security environment

The result of having a SIEM-as-a-Service is:

  • Knowing that all your systems are being automatically monitored.
  • Having visibility over risk in the business.
  • Enjoying the ability to thoroughly investigate suspicious activity from external or internal users.
  • Reporting up to your board that your environment is logged and monitored.
  • Being in control of your security and monitoring 24/7.

SIEM-as-a-Service provides you with visibility and insight into the security of your organisation and IT environments.

Easily add a SIEM

After an easy discussion, we can put together a solution and plan for your business with:

  • Strategic IT security and IT risk consulting.
  • Environment risk assessment.
  • SIEM log architecture and capability analysis.
  • Event action/notification/prioritisation matrix.
  • System training and trial event tests.
  • Ongoing environment updates.

SIEM-as-a-Service does require a virtual (or physical) server running our proprietary log capture and compression technology, as well as a path to the internet to efficiently transfer live logs to the cloud based collectors. The components should be within the capability of any IT environment, and remote assistance is available for initial setup. No ongoing expertise is needed to run this system.

The benefits of cloud based SIEM

  • Lower total cost of ownership
    • No upfront investment in resources like hardware, software and people.
    • Unlike traditional SIEM, there is no upfront hardware, software or specialists investment.
  • Reuse your existing security. Correlate events from multiple sources
    • Capture logs and information from your existing systems and technology, or deploy additional components for a complete security view.
  • Scalable and adaptable technology in the cloud.
    • Enjoy the cloudspeed security story with SIEM capability that can grow with you, with guaranteed uptime and performance.
  • Manage and analyze your security from anywhere
    • With an easy to use and familiar portal in the cloud, that can be used by experts and non-experts alike which can integrate into existing operations ITSM platforms.

The magic of correlation

Correlation applies intelligence to logs from different devices or events. Imagine an attack sequence where an unknown application is accidentally installed on a server, and then ping scans and SMB requests begin to originate from that same server. Each by itself may not trigger interest, but combined they tell the story of a malware attack. Or a user account that is marked as ‘retired’ in Active Directory is being used on a cloud application. Correlation aims to make sense of the thousands of nondescript events that exist in any organisation, and pinpoint the exact threat when it occurs in real time.
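
The two scenarios above can be written as correlation rules over normalised events. The following is an added illustration, not the service's or ArcSight's own rule logic; the event field names, the 30-minute window and the sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)            # assumed correlation window
FOLLOW_UP = {"ping_scan", "smb_request"}  # activity that must follow the install

# Constructed sample events, as if already normalised by collectors (not real logs).
EVENTS = [
    {"ts": "2024-05-01T10:00:00", "src": "endpoint-av", "host": "srv-01", "type": "unknown_app_install"},
    {"ts": "2024-05-01T10:02:00", "src": "firewall", "host": "srv-02", "type": "ping_scan"},
    {"ts": "2024-05-01T10:05:00", "src": "ips", "host": "srv-01", "type": "ping_scan"},
    {"ts": "2024-05-01T10:07:00", "src": "firewall", "host": "srv-01", "type": "smb_request"},
    {"ts": "2024-05-01T11:00:00", "src": "endpoint-av", "host": "srv-03", "type": "unknown_app_install"},
    {"ts": "2024-05-01T12:30:00", "src": "ips", "host": "srv-03", "type": "ping_scan"},
    {"ts": "2024-05-01T12:31:00", "src": "firewall", "host": "srv-03", "type": "smb_request"},
    {"ts": "2024-05-01T13:00:00", "src": "cloud-app", "user": "jdoe", "type": "login"},
    {"ts": "2024-05-01T13:05:00", "src": "cloud-app", "user": "asmith", "type": "login"},
]
RETIRED_ACCOUNTS = {"jdoe"}  # constructed stand-in for a directory export


def correlate(events, retired=RETIRED_ACCOUNTS, window=WINDOW):
    """Return alerts raised by two cross-source rules over time-ordered events."""
    alerts = []
    installs = {}  # host -> (install time, follow-up types seen so far)
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        host, kind = ev.get("host"), ev["type"]
        if kind == "unknown_app_install":
            installs[host] = (ts, set())
        elif kind in FOLLOW_UP and host in installs:
            started, seen = installs[host]
            if ts - started > window:
                del installs[host]      # too late to be linked to the install
                continue
            seen.add(kind)
            if seen == FOLLOW_UP:       # full sequence observed on one host
                alerts.append(("suspected_malware", host, ev["ts"]))
                del installs[host]
        elif kind == "login" and ev.get("user") in retired:
            alerts.append(("retired_account_in_use", ev["user"], ev["ts"]))
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

The lone ping scan from srv-02 and the late activity on srv-03 raise nothing, which is the point of correlating: only the full sequence on one host inside the window becomes an alert.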

Got an existing SIEM that’s not working for you?

You may have an existing SIEM installation, or have configured your own solutions with rules and triggers.  Is it working well for you? Can you keep up with the changes in your environment? Have your staff stopped looking at the choked red screens?

SIEM-as-a-Service can either replace, or append to your existing technology and cut through the clutter.

For more information, contact us
