easycurity – SIEM as a Service
With a SecureDevice SIEM as a service agreement, the customer gets a managed and hosted IBM QRadar SIEM- solution that is continuously optimised and tuned by one of SecureDevice’s own security consultants. The consultant reviews security events / offenses and proposes continual recommendations and / or help with updates, tuning, adaptation and set-up of dashboards and reports so that the solution is always optimised for the customer’s IT environment and the current threat image.
- Basic – Log Management
This solution is recommended for organisations with a basic need to collect and archive logs, and to be able to search easily across all of the network and event logs. The solution includes IBM QRadar Log Manager (Software and Hardware) and full implementation performed by SecureDevice’s own security consultants. The typical customer will need 4 days of SecureDevice Security Management annually to help with on-going maintenance and optimisation of the solution. This solution may subsequently be extended to SIEM when purchasing licenses and extended implementation without the need to replace existing hardware.
- Business – SIEM
This solution is recommended for organisations that want an intelligent solution to gain a total overview of security events, flows and user behaviour in their network. SIEM provides real-time visibility and enables your organisation to respond quickly to security events that can be attacks from external threats, internal deviations in the database activity, or user behaviour. The solution can consolidate log sources and event data from thousands of devices, endpoints and applications on the network and implement the normalisation immediately as well as correlate activities from raw data to be able to distinguish between false positives and real threats. The total overview from real threats is collected in Offenses, which is automatically given priority according to your organisation’s network hierarchy. The solution includes a hosted IBM QRadar SIEM (Software and Hardware) and full implementation performed by SecureDevice’s own security consultants. This solution provides a comprehensive set of rules and, in the implementation process, is tuned and adapted to the needs and resource capacity of the organisation. The typical customer will need 12 days of SecureDevice Security Management annually to help with on-going maintenance and optimisation and tuning the solution.
- Critical – SIEM + high emergency preparedness
This solution is recommended for organisations that require a particularly high level of preparedness for their SIEM solution. In addition to the above description of SIEM, an extra high level of preparedness is offered with a short response time, a permanently associated security consultant, and the possibility of integration with a third-party SOC / SAC from, e.g., CSIS Security Analytics Centre or IBM Security Services both of which SecureDevice works closely together with.
Several services