Caretower's SIEM Managed Security Services




Enterprise Security Manager MSS - TRUE 24/7 Service

I.T. Security Specialists

Challenges & Solution

Challenges

In recent times, organisations all over the globe, irrespective of size or vertical, have been facing many challenges when it comes to Security Information and Event Management (SIEM) solutions.

Advanced persistent threats
Many organisations have implemented a defence in depth strategy around their critical assets using APT, firewalls and IDS/IPS at the perimeter, two-factor authentication, internal firewalls, network segmentation, HIDS and AV, as well as other technologies. All of these devices generate a huge amount of data, which is difficult to monitor. A security team cannot realistically have all these dashboards open and correlate events among several components fast enough to keep up with the packets traversing the network.

Zero-day threat detection
New attack vectors and vulnerabilities are discovered every day. Firewalls, IDS/IPS and AV solutions all look for malicious activity at various points within the IT infrastructure, from the perimeter to endpoints. However, many of these solutions are not equipped to detect zero-day attacks.

Operation support
The size and complexity of today's enterprises is growing exponentially, along with the number of IT personnel to support them. Operations are often split among different groups such as the Network Operations Centre (NOC), the Security Operations Centre (SOC), the server team, desktop team, network team etc., each with their own tools to monitor and respond to events. This makes information sharing and collaboration difficult when problems occur.

Compliance
Almost every business is bound by some sort of industry regulation such as PCI-DSS, GPG13, ISO27001/2, HIPAA, SOX. Attaining and maintaining these regulations is a daunting task. Virtually every regulatory mandate requires some form of log management to maintain an audit trail of activity.

Forensics
Not only must a forensics analyst interpret log data to determine what actually happened, the analyst must preserve the data in a way that makes it admissible in a court of law. Since log data represents the digital fingerprints of all activity that occurs across IT infrastructures, it can be mined to detect security, operations and regulatory compliance problems.

Whether it is the challenges of managing many disparate devices across different locations or having to face a cyber attack in the ever growing threat landscape, systems are compromised and affected with data being taken, along with the complexity of adhering to and maintaining industry driven compliances. These factors are major concerns for businesses as they are difficult to combat which need to be addressed and overcome in an effective and timely manner.

Solution

Caretower's Security Information and Event Management (SIEM) service collects, analyses and stores logs from networks, hosts and various applications. SIEM allows clients to:

- Collect logs from multiple locations into a central system: This enables numerous receivers to feed into one central system for monitoring and reporting.
- Summarise key incidents: Critical events and alarms are reported to the client, in turn decreasing the period and resource.
- Correlate critical events: A pro-active holistic approach that ensures threats are identified where individual devices alone may not detect them.
- Report on incidents: A full reporting engine and dashboard is built into Caretower's MSS SIEM service, providing clients with real-time visibility and historic reporting activity.
- Take immediate and suitable remediation activities: This minimises the implication of threats on our client's network and allows our Incident Response Team to take immediate action.

[Diagram: Caretower's Vendor Agnostic MS SIEM Service. Labels: Existing SIEM Solution, Customer Network, Security, Endpoints, Network]

SIEM Managed Security Services

SIEM Managed Security Services Architecture

In the architecture diagram below, multiple receivers from multiple locations collect logs from various devices, and ELM (Enterprise Log Manager) and ESM (Enterprise Security Manager) fetch these logs from the receivers periodically. ELM stores the raw logs mainly for compliance purposes and ESM uses normalised logs for reporting, correlation and alerting.

[Architecture diagram. Top layer: Situational Awareness and Advanced Correlation; Real time Risk Based Alerting and Remediation; Ad-hoc and Scheduled Reports. Centralised Overview, Analyse, Alert and Report (ESM - Enterprise Security Manager); Enterprise Log Manager (Raw Event Archive). Receiver A, Receiver B and Receiver C at Location A, Location B and Location C, collecting from Storage, Business Apps, Servers, Security, Endpoints, Network Security, Mobile and Servers]

SIEM Managed Security Service

We can host the solution or the solution can reside within our customer's network. We wrap our services around either option, which offers flexibility of architecture and management. We monitor security events 24/7 and provide in-depth security expertise. We also provide reports on spot-patterns across a number of customers to provide advanced warning on new threats.

Proactive management

- Run by dedicated and industry leading certified security engineers (GIAC Certified Forensic Analyst, GCFA)
- SOC engineers vendor certified
- Escalation from tier 1 to tier 3 engineers
- 24/7 x 365 SOC cover
- Fully ISO27001 accredited SOC

Service based on ITIL3 framework

- Customer oriented, process driven and service driven
- Transition, incident, problem and change management
- Portal access for incident and change management
- Multiple logins available for customer staff
- Change requests initiated by SOC or by the customer
- Incident tickets raised in management system automatically or manually via web portal
- Email notification of tickets raised and updated
- Bi-weekly/monthly reports generated for customers

SLA - Measurable

- Escalations
- Industry leading SLAs

Incident Response - SANS (SysAdmin, Audit, Networking, and Security) Incident Response

- Receive alerts in real-time
- Perform forensic investigation
- Provide security reports with expert advice within SLAs

SLAs depend on the business impact for the inbound alerts. Different SLAs are implemented for traditional support (change requests, patching, upgrading, etc.) and incident response (advice on alerts) and work through a remediation

- Remediation plan and infrastructure recommendations
- Change requests
- Fully logged and reports for audit trail

Traditional monitoring and support

- Maintenance of rules and reports

Value to Customers

- Improve your security posture within your environment
- Minimise Operational Expenditure
- Improve productivity/effectiveness of the solution
- Maximise your investments
- Help achieve compliance
- Offer agility and flexibility
- Reduce Internal Resource and Training Costs
- Gives you peace of mind that your security is safely managed by a team of experts 24 hours a day

Threat Awareness; Real-Time Trending; Proactive Maintenance and Monitoring; Risk Mitigation

Recommendations to customers

Deploy Base-Line configuration based on NIST Top 20 Security Controls

- Based on common IT security best practices
- Custom and compliance reports
- Implemented during the design phase
- Maintained later on by the Security Operations Centre

Perform accurate tuning of the correlation engine/rules based on the customer's specific use cases

- Base-lined configuration support
- Tuning of the out-of-the-box features

SIEM or MSSP? - comparing capabilities

Features (table columns: SIEM, MSSP):

- Monitors log events
- Helps attain regulatory compliance
- Flexible service delivery
- Provides 24/7 analysis by security analyst
- Stores logs off-site in forensically-sound facility*
- Provides security intelligence and expertise as part of the solution
- Built-in disaster recovery and business continuity planning (DR/BCP)
- Predictable fixed cost
- May require additional infrastructure (server, network devices, storage, etc.)

*Optional: store raw log data on customer's premises, which may involve additional cost, and where it may not be protected against alteration or theft.

Benefits of Caretower's SIEM Managed Security Service

Speed of Implementation
Our SIEM Managed Security Service seamlessly integrates with your network and can be up and running within days, not months. We deliver instant results through visibility of events and analysis on a live dashboard with in-depth reporting.

Simplified Compliance
Our SIEM Managed Security Service enables companies to fulfil their compliance requirements by providing you with on demand, enterprise-wide reports that demonstrate the security status of your systems. The SIEM service can provide auditing against the following industry standards (e.g.):

- PCI DSS Compliance
- ISO 27001
- Protective Monitoring (GPG13)
- SOX
- HIPAA
- PSN

Flexible Dashboards and Robust Reporting
Our SIEM Managed Security Service brings you comprehensive technical, operational and trend reports that communicate security status and satisfy compliance requirements. Dashboards are available out-of-the-box and Caretower delivers customisable dashboards to each and every customer based on their requirements.

24/7 Caretower Security Operation Centre
Our SIEM Managed Security solution allows you to be a SIEM user, not an administrator. This means that you have access to SIEM to view the data and run required reports whilst maintaining a certain level of privileges. The SIEM service is constantly monitored by our 24/7 Security Operations Centre where the team will carry out monitoring, management and incident response to security events and alerts.

Why Caretower?
As an independent IT security specialist, with over 17 years' experience, Caretower provide comprehensive solutions to individual problems, thus allowing our recommendations to be unbiased. Over the years, we have quickly established many long standing relationships with all of our vendors, achieving the highest status within these organisations based on the level of expertise within our internal sales, support and professional services teams. This relationship ensures we provide our customers with key changes within the industry which assists in their on-going security management strategy.

- To provide live 24/7 McAfee SIEM Managed Service in Europe
- Dedicated GIAC Certified Digital Forensic Security Engineers (SANS (SysAdmin, Audit, Networking, and Security) Institute)
- Full-onsite and hosted architecture options, depending on your requirements
- We are CSA (Cloud Security Alliance) member and ISO 27001 Accredited

Get in touch: 020 8372 1000 info@caretower.com www.caretower.com