Security Information and Event Management (SIEM)

A holistic view on security-relevant events offers many advantages for IT security officers, for instance to identify patterns and avert damage from the IT infrastructure.

However, companies often lack this holistic view, and attacks, irregularities or securities holes are rather identified separately.
With the Security Information and Event Management (SIEM) companies can take a holistic view on their IT security.

We collect all technical protocols (log files) of security-relevant systems in the most different formats, transfer them into a uniform and readable form (normalization) and index them. That way they are available to you and to our security experts in a consolidated form for search queries, pattern recognition and correlation analysis.

Security Operation Center (SOC)

The Security Operation Center (SOC) is the heart of our SIEM service. Here we collect all security-relevant data, perform in-depth analysis, evaluate the data, plan preventive measures and implement them.
The basis for this are customized use cases which are stored in the SIEM system. This helps us to ensure an efficient response to security incidents.

Our SOC employees regularly inform you about the status of your IT security and advise you about preventive measures. We provide you with ready-made instruction manuals, so-called “playbooks”, for typical security scenarios. This guarantees a quick and efficient response if a problem occurs.

As a follow-up, the SOC also provides you with the forensic analysis of the event so you can evaluate the extent of the damage and can better protect yourself from future attacks.

SIEM – Your Advantages at a Glance

  • Registration and central collection of all security-relevant events
  • Extensive search function, pattern recognition and correlation analyses make sure you can take a holistic view on your IT security
  • Planning of preventive measures
  • Recognition and management of weak spots (vulnerability management)
  • Pre-defined instructions for a quick and efficient response to typical security incidents (playbooks)
  • Forensic analysis of incidents

Contact

Wolfgang Rösch
T +49 911 65004 137
wolfgang.roesch@datagroup.de