SSS Managed SIEM Service

Identification, management, and remediation of security threats are key components of an effective cyber security posture. Our Managed SIEM service provides a modular set of capabilities to help you achieve a better posture, without the overhead normally associated with SIEM platforms.

Contact us on 04 917 6670 or sales@sss.co.nz if you would like to know more about our SSS Managed SIEM Service.

Our Solution

We have partnered with AlienVault, a leading provider of Threat Management and SIEM. Together we provide a cloud-based turnkey service that delivers threat detection and response capabilities across your environments.

The SSS Managed SIEM service provides a leading SIEM platform, along with the knowledge and experience that SSS clients have come to trust over our 30+ years in the industry. We have designed the service to provide insights and perspective across internal and cloud environments, to offer the flexibility to adapt to varying requirements, and to deliver at an affordable price.

Key Features

  • Platform management
  • Asset discovery
  • Log retrieval
  • Intrusion and anomaly detection
  • Security event management
  • File integrity monitoring
  • Compliance templates
  • Customisable dashboards
  • Threat intelligence
  • Vulnerability assessments
  • Threat intelligence gathering and correlation
  • Behavioural monitoring
  • Alarm management
  • Endpoint detection and response capability
  • Weekly and monthly reporting
  • Critical incident management and analysis

Overview

The service is cloud-hosted and utilises sensor virtual machines deployed on your network to collect data. These sensors run scans and remediation activities, and feed data to the cloud platform for log management and data correlation.

Service Establishment

Use case analysis and requirements gathering are a key part of our service establishment. This allows us to support a personalised service per client, rather than a one-size-fits-all approach.

  • Personalised discovery workshops.
  • Industry-standard best-practice templates to guide the delivery and outcomes of the service.
  • An agile approach to support the delivery of projects in an iterative manner.

Managed SIEM Service

  • We provide a managed service of the AlienVault cloud platform on a monthly subscription basis.
  • We provide analysis of the data collected by the platform and assist in alarm investigation.
  • We provide recommendations and help develop response plans.
  • We provide weekly reports on the activities for that week, highlighting key areas of opportunity and where remediation has reduced overall risk.
  • The service is scalable, supporting organisations of any size.
  • A full pay-as-you-grow (as a service) commercial model with a 30-day termination option.

Additional Sensors

  • One sensor is included in the base service.
  • Additional sensors can be purchased to be deployed across your networks as required.

Additional Storage

  • Extra storage can be purchased to maintain more detailed logs, or to increase the retention period of the logs.