What is a managed SIEM service?
SIEM technology is a combination of security event management (SEM) and security information management (SIM) technologies. It allows organisations to continuously monitor their on-premise and cloud IT infrastructure for threats, and it provides the information needed to respond to attacks and mitigate vulnerabilities.
Best in Class SIEM Technology
CommSec has partnered with AlienVault to provide a world-class managed Security Information and Event Management (SIEM) service to organisations of all kinds in the Irish market.
AT&T CyberSecurity (AlienVault) SIEM technology collects logs and events from IT systems, devices and networks. We use this data to detect, categorize and analyse security incidents. The SIEM monitors threats in real time and correlates events against the Open Threat Exchange (OTX – the world’s most authoritative open threat information sharing and analysis network).
SIEM technology is one component of the AlienVault USM (Unified Security Management) solution. The USM combines:
- SIEM and log management capabilities,
- asset discovery,
- vulnerability assessment, and
- network/host intrusion detection (NIDS and HIDS).
All of these tools are accessible and managed from a single pane of glass. The USM employs integrated threat intelligence published by AlienVault Labs, which is automatically updated many times a week or as needed when a new threat emerges.
It can therefore help businesses to reduce security breaches, improve threat detection and enable rapid incident response. For example, when the Heartbleed OpenSSL vulnerability broke, AlienVault USM customers had new detection and correlation rules active and protecting their IT environments in under four hours.
Managed SOC Service
With a major shortage of skilled resources in today’s cybersecurity market, more and more organizations are opting to outsource key security monitoring services to a managed security service provider (MSSP). This is particularly the case for small-to-medium businesses, which often do not have the time, staff or expertise required to monitor security and respond to incidents.
Our Managed SIEM & SIEM-as-a-Service capabilities can help you to meet your security monitoring needs, identify vulnerabilities and remediation steps in your IT environment, and respond quickly and appropriately to security incidents.
When an attack is identified, the SIEM will generate an alarm, and our experienced Security Operations Centre (SOC) analysts will triage and analyse the alarm and advise you on remedial actions as required. This frees your IT staff from security monitoring and incident triage activities, allowing them to focus on servicing your business needs and take action only when advised by our expert SOC team.
SOC Incident Response Process