Detection & Response

Security Information and Event Management (SIEM)

Critical to any good cyber defense is our Detection & Response service that helps small to medium-sized businesses meet the challenges of persistent cyberthreats 24×7. Our highly trained security analysts and engineers are responsible for monitoring your network to detect, manage, and triage potential security incidents. If your business is compromised, our team immediately engages in containing and minimizing the damage to your systems and data.

Delivered from our SOC 2 compliant services and facilities, we enable your business to achieve the benefits of an advanced SIEM solution without the need for immense capital investment and without burdening your existing IT resources with the 24×7 responsibilities an effective SIEM platform requires.

With our Detection & Response service, you will receive:

  • 24×7 monitoring and security incident response
  • Security Operations Center, or SOC
  • Monitoring for anomalies, suspicious traffic, or irregular activities
  • Security event detection, analysis, and classification on monitored devices and services
  • Perimeter Security Management
  • Intrusion Prevention System (IPS)
  • Monthly external vulnerability scans
  • Event log management for:
    • Microsoft Windows endpoints
    • Firewalls and IPSs
    • Routers and VPN concentrators
    • Switches and wireless access points
    • Servers and Active Directory
    • Database and antivirus servers
  • Log retention to meet compliance requirements
  • Client portal to access all your data, security events, and reports

Detection & Response Service for Compliance-Driven Organizations

Our service provides regulatory and standards-based reporting to support an incident investigation, including:

  • Change management, so you know who made network changes, what was changed, and when and where, while capturing the previous configuration of devices.
  • Regulatory and standards-based reporting
    • Fulfillment of an auditor's request for information by running one of over 800 reports keyed to the specific rule within FISMA, GLBA, HIPAA, NERC, SOX, or the standard report set under COBIT.