Managed SIEM

Going Beyond Alert Management

Look Below the Surface of Alerts

Security Information and Event Management (SIEM) have long held the promise of dealing with the millions of alerts generated in a typical security environment. But collecting and storing alerts is just the first step. Deciphering which events are high priority versus simply “noise” is the ongoing challenge. And as alert volume increases, the challenge only gets worse. For many organizations, the cry for help is long overdue.

Service Levels to Meet Your Needs

GoSecure Managed SIEM comes in two service levels, Basic and Managed.

SERVICE LEVEL DESCRIPTIONS BASIC MANAGED
SIEM Maintenance
GoSecure is responsible for handling maintenance windows and recommend the best approach to minimize the impact on service.
checkmark-red checkmark-red
Yearly Service Review
Once a year, license, configuration and service are reviewed to ensure proper use and cost of the service.
checkmark-red checkmark-red
Monthly GoSecure Report
A recommended monthly report created and maintained by GoSecure, gives an executive view of multiple security aspect.
checkmark-red checkmark-red
Quarterly Meeting
Quarterly meeting included to discuss and review change requests and generic use cases questions.
checkmark-red checkmark-red
Basic Security Package
Up to 20 use cases, 5 reports and 1 dashboard pre-defined by GoSecure can be enabled.
checkmark-red checkmark-red
Self-Service Console (Multi-User Access)
User access list maintained and reviewed continuously.
checkmark-red checkmark-red
On-Demand Solution Support
On-demand support constitutes any custom feature, request, investigation.
*There is no SLA for on-demand, a minimum of 4 hours will be charged (hourly rate)
checkmark-red checkmark-red
Managed Use Cases 24x7
High confidence and high risk use cases are monitored and managed by GoSecure 24/7. All action and recommendations are custom built within a basic runbook to ensure tracking, documentation and standard procedures.
checkmark-red
Change Requests
In business hours, change requests can be made on the dashboard, use cases and reports. These requests allow analysts and managers to remove false positives and adjust the contextual data of the SIEM.
checkmark-red
Monthly Meeting
Monthly meeting included to discuss and review security events and improve SIEM use cases.
checkmark-red
Basic Runbook
To use proper reaction to use cases, a basic runbook is created and maintained by GoSecure. This procedure base document allows all team members involved to take action accordingly based on an approved process.
checkmark-red

Beyond the Basics

Using the Splunk platform, GoSecure provides real-time situational awareness around security logs, facilitating effective and efficient event analysis and incident response. Heightened situational awareness comes from creating a usage profile of infrastructure assets, configuration changes, asset-to-business service mappings, user discovery, and many other data points.

In addition to the default use cases offered by the SIEM platform, GoSecure has leveraged its Red Team and Blue Team specialists to create its own set of custom, vendor agnostic, use cases that are deployed as part of our onboarding process. The GoSecure use cases are the product of GoSecure’s years of operational experience as well as our alignment with Mitre’s ATT&CK Matrix. The objective of these is to enhance the detection of malicious behavior, while limiting false positives. In addition, GoSecure’s team of specialists can create tailored use cases for specific client needs whether they be for fraud detection, access detection or any other event that requires heightened visibility.

SIEM Nirvana

Adding an experienced management layer over a SIEM from industry leader Splunk can result in astounding security gains. Whether by the internal security team, or the GoSecure Active Response Center, events that require attention are identified quicker, resulting in faster breach detection and mitigation. With dwell time still reaching months for most organizations, speed is of the essence. GoSecure Managed SIEM allows you to accelerate your security posture.

Pin It on Pinterest