Security Information & Event Management
SE EventWatch captures and alerts our team of trained security professionals when malicious network activity is detected. Delivered from our SOC 2 compliant services and facilities, we enable our clients to receive the benefits of having an advanced Security Information & Event Management (SIEM) solution without the need for capital investment, and without burdening their existing IT resources.
SIEM requires planning, execution, response and auditing of network events and activities. SE EventWatch delivers Live Threat Management, providing the execution of log management and incident response to a security event when it happens. Best practices require that a third party provide planning and auditing services to ensure that we, as your Managed Security Service Provider (MSSP), are delivering the level of protection your organization requires.
SE EventWatch provides:
- Real-time capture and evaluation of log data and alerting.
- Expertise with the SIEM application, ensuring it is optimally configured for your network and security needs.
- Dedicated and trained security professionals who keep up-to-date on the rapidly changing threat landscape.
- 24×7 monitoring and incident response.
- Review of daily log data looking for trends that may be a precursor to an attack.
- Fine tuning and adjusting alerts and/or log data parsing rules as needed.
- Execution of non-intrusive vulnerability scans to assure that any network changes have not resulted in a new risk.
- Optionally, SE EventWatch can include state-of-the-art firewalls with IPS and an additional layer of anti-malware/spyware filtering.
SE EventWatch also provides regulatory and standards-based reporting to support an incident investigation, including:
- Change management so you know who, what, when, and where network changes were made while capturing the previous configuration of devices.
- Access via a client portal to a full set of your data, events and reports.
- Fulfillment of auditors' requests for information by running one of over 800 reports keyed to the specific rule within FISMA, GLBA, HIPAA, NERC, SOX or the common report set under COBIT.