
With regard to SIEM, there are many tools to choose from. Requirements naturally dictate which is best, but costs can vary greatly. Splunk is one of the most popular and naturally the most expensive to use. Its licensing is based on the amount of data received and processed, but it provides a treasure trove of information when trying to protect an organization.

OpenVAS

  • Intrusion Detection System (IDS), firewall and network management with log analysis
  • Network management, event monitoring, bandwidth utilization, access control list optimization, and operating system health monitoring
  • Server event monitoring, logging, and operating system health monitoring
  • Patch Management and systems baseline management
  • Daily, weekly, or monthly network/system compliance scans
  • Active web gateway management (Internet filtering both encrypted and unencrypted)

Gold Level Services (For large multinational enterprises or high-risk environments)

  • System/Network up-time, monitoring and logging
  • Quarterly network/system compliance scans
  • Quarterly antivirus monitoring
  • Basic web gateway management (Internet filtering)
  • Basic firewall rule logging and analysis

GFI LanGuard

To give some background on the differences between levels of service, it helps to discuss what specific products can do. Whether it is a SIEM or a security management tool, the cost of its licensing can vary greatly. These costs can be based either on data amounts (for example, Splunk is based on the total amount of log data produced) or on the number of systems monitored. There are also open-source products that are sponsored by governments, like the OpenVAS platform.

Beginning with examples of security vulnerability scanning tools, we look at OpenVAS and GFI LanGuard. OpenVAS has no licensing fee and can be used to meet regulatory requirements. The drawback, naturally, is that it does not come close to the level of accuracy or information provided by other tools like GFI LanGuard. GFI LanGuard provides a much deeper level of analysis and can also provide services like configuration management and patch management.

MONITORING AND THREAT MANAGEMENT Services

To perform these management activities, we use our six-step process to decide what can be done on site, what should be done within our Cyber Security Operations Center (CSOC), and what types of software and techniques are optimal and meet requirements. Generally, we categorize our security management services into three distinct levels, based on complexity and pricing, to better fit your organization. To assist our customers in selecting the right type of monitoring solution, we offer three different levels of monitoring based on these four areas. Our monitoring solutions can be either on-site at your location, where they are installed, configured and maintained by us, or off-site through our Cyber Security Operations Center (CSOC).

  • System, firewall and network logging and event analysis
  • Network management, critical event monitoring, and system health monitoring
  • Server event monitoring and operating system health monitoring
  • Basic Patch Management and systems baseline management
  • Monthly network/system compliance scans
  • Medium web gateway management (Internet filtering)

Splunk

Our cyber security management service for organizational risk is based on best business practices and ISO/IEC 27001 Information Security Management for maintaining what is called the “ISMS” or Information Security Management System. Put simply, we build your ISMS to manage cyber security processes like:

  • Systems health, availability and performance monitoring
  • Systems scanning for configuration management, compliance and patch management
  • Antivirus
  • SIEM (Security Information and Event Management)
  • Incident Response and Threat Management
  • Build policies and procedures

Silver Level Services (For large companies or medium-risk environments)

Managed Security Services

MSS is a combination of consulting, monitoring and training services for managing risk

Bronze Level Services (For small companies or low-risk environments)

On the other end of the spectrum, there is open-source software for log analysis, like Elasticsearch. Like the security scanning software, it does not provide many of the benefits of software like Splunk, but it can be used to give a basic level of security to small organizations that may not have a high risk level.

Elasticsearch

Examples of Our Monitoring Services