Detection & Response
Security Information and Event Management
Our Detection & Response service offers a team of highly-trained, security professionals who monitor and analyze your network looking for deviations and potential security risks. When a harmful event is detected, our team immediately responds to and stops the event before it causes damage to your business.
Delivered from our SOC 2 compliant services and facilities, we enable your business to achieve the benefits of an advanced Security Information and Event Management (SIEM) solution without the need for capital investment; and without burdening your existing IT resources.
Detection & Response service from Systems Engineering includes:
- 24×7 monitoring and security incident response
- Security Operations Center or SOC team
- Managed firewall
- Intrusion Prevention System (IPS)
- Block malware traffic
- Monthly external vulnerability scans
- Log management for:
- Firewalls and IPS
- Routers and VPN concentrators
- Switches and wireless access
- Servers and Active Directory
- Database and antivirus servers
- Log retention
- Client portal to access all your data, events, and reports
- Forensic data searches
For compliance-driven organizations, our service provides regulatory and standards-based reporting to support an incident investigation, including:
- Change management, so you know who, what, when, and where network changes were made while capturing the previous configuration of devices
- Regulatory and standards-based reporting
- Fulfillment of auditor’s request for information by running one of over 800 reports keyed to the specific rule within FISMA, GLBA, HIPPA, NERC, SOX, or the standard report set under COBIT.