Detection & Response

Security Information and Event Management

Our Detection & Response service offers a team of highly trained security professionals who monitor and analyze your network for deviations and potential security risks. When a harmful event is detected, our team immediately responds and works to mitigate the impact on your business.

Delivered from our SOC 2 compliant services and facilities, the service gives your business the benefits of an advanced Security Information and Event Management (SIEM) solution without the need for capital investment and without burdening your existing IT resources.

The Detection & Response service from Systems Engineering includes:

  • 24×7 monitoring and security incident response
  • Detect, analyze, and classify security events for the monitored devices and services
  • Security Operations Center, or SOC
  • Address anomalies, suspicious traffic or activities
  • Managed firewall
  • Intrusion Prevention System (IPS)
  • Block malware traffic
  • Monthly external vulnerability scans
  • Log management for:
    • Firewalls and IPS
    • Routers and VPN concentrators
    • Switches and wireless access
    • Servers and Active Directory
    • Database and antivirus servers
  • Log retention
  • Client portal to access all your data, security events, and reports

For compliance-driven organizations, our service provides regulatory and standards-based reporting to support an incident investigation, including:

  • Change management that shows who made each network change, what was changed, when, and where, and that captures the previous configuration of devices
  • Regulatory and standards-based reporting
    • Fulfillment of an auditor’s request for information by running one of over 800 reports keyed to the specific rule within FISMA, GLBA, HIPAA, NERC, SOX, or the standard report set under COBIT