Wednesday, September 19
Care to be aware

Managed Security Services

What is a SIEM Solution?

Incident Management, Managed Security Services
To give you the simplest answer, SIEM, or Security Information and Event Management, is defined as a complex set of technologies brought together to provide a holistic view into a technical infrastructure. Depending on who you talk to, there are about five different popular opinions on what the letters stand for. Looking at the 10-layered security stack by Michael Oberlaender, with the notion of managing all of it, is enough to make you lose your hair! However, it’s not a train – there is light at the end of the tunnel. That light has come to be known as the SIEM. The SIEM gives you a holistic, unified view into not only your infrastructure but also workflow, compliance and log management. A SIEM can provide a multitude of capabilities and services efficiently. At its
SOC Architecture : A complete guide

In Theory, Managed Security Services
Today’s cyber security operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to a rapidly expanding workforce of talented IT professionals. Yet, most CSOCs continue to fall short in keeping the adversary—even the unsophisticated one—out of the enterprise. Ensuring the confidentiality, integrity, and availability of the modern information technology (IT) enterprise is a big job. It incorporates many tasks, from robust systems engineering and configuration management (CM) to effective cybersecurity or information assurance (IA) policy and comprehens
Security Operations Center : A Brief Overview

In Theory, Managed Security Services
An information security operations center ("ISOC" or "SOC") is a facility where enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops and other endpoints) are monitored, assessed, and defended.

Objective

A SOC is related to the people, processes and technologies involved in providing situational awareness through the detection, containment, and remediation of IT threats. A SOC manages incidents for the enterprise, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The SOC also monitors applications to identify a possible cyber-attack or intrusion (event) and determines if it is a real, malicious threat (incident), and if it could have a business impact. Regulatory r...