TRUE SECURITY-AS-A-SERVICE


To effectively defend against today's cybercriminals, organizations must look at ways to expand their ability to secure and maintain compliance across their evolving IT infrastructure. One approach commonly used is to staff security and research specialists in-house, creating two teams: a dedicated Research team and a Security Operations Center (SOC). These teams, using advanced technologies, threat intelligence feeds, and defined processes, take on the responsibility of managing and defining security content, identifying and analyzing threats, and remediating compromises that infiltrate their environments. The challenge of finding and retaining skilled resources, coupled with the high cost of purchasing and maintaining technology in-house, puts creating Research and SOC teams out of reach for many organizations.

There is an alternative to this costly in-house approach: the Alert Logic Research team and Security Operations Center. Together they offer organizations of any size the ability to extend their capabilities to secure and maintain compliance with a fully managed, enterprise-grade solution, without the cost or complexity of building and maintaining this function in-house. The Alert Logic Research team scours various sources of intelligence and analyzes multiple threat intelligence feeds in order to deliver comprehensive security content to the Alert Logic Cloud. The SOC, using the award-winning Alert Logic cloud-based security and compliance platform, delivers continuous protection and deep security and compliance insights to organizations no matter where their IT resides: in the cloud, on-premises, or in a hybrid environment.

Staffed by GIAC-certified security analysts and employing state-of-the-art technology, the SOC transforms raw security event data into actionable incidents, providing a valuable perspective on global threat activity that dramatically increases the security and compliance posture of any organization. The combined expertise of the Research team and Security Operations Center ensures rapid detection and response to incidents that aim to harm an organization's ability to operate, steal its intellectual property, or expose its customers' data.

ADVANCING THE ART AND SCIENCE OF THREAT DETECTION

The Security Research team plays a pivotal role in delivering continuous protection to the Alert Logic customer base. While the Alert Logic SOC provides around-the-clock security monitoring, daily log review, web application firewall management, and advanced anomaly detection, the Alert Logic Research team is hard at work researching emerging threats, reviewing threat trends, and creating new security content that feeds the Alert Logic platform. Up-to-date security content enables the Alert Logic solution to eliminate irrelevant events and home in on those events that warrant investigation by an analyst. Alert Logic's investment in mining threat intelligence, creating content continuously, and managing content for our customers means organizations are protected at a level few could obtain with their internal IT staff.

SECURITY OPERATIONS CENTER: COMPLETE SECURITY-AS-A-SERVICE

The Alert Logic SOC removes the burden of around-the-clock monitoring from organizations' already taxed internal IT staff, allowing these strategic resources to focus on projects and tasks that drive their business forward. The Alert Logic SOC extends an internal IT team's capacity to protect its applications, computing, and network infrastructure with advanced security solutions that are easy to implement, fully managed, and do not require large upfront investments. With the Alert Logic SOC, organizations gain the ability to:

- Protect web applications: With Alert Logic Web Security Manager, experts proactively investigate malformed website requests in order to identify and implement required policy changes, respond to incidents, and provide ongoing tuning services as new threats appear.
- Detect security and compliance issues from log data: Alert Logic Log Manager automates log collection, aggregation, and normalization of log data across an organization's entire environment; log review analysts review over 20 predefined reports to root out potential compliance and security issues.
- Identify and mitigate network threats: With Alert Logic Threat Manager intrusion detection and vulnerability scan capabilities, security experts monitor network traffic for suspicious activity, analyze identified incidents, and escalate according to the organization's custom requirements.

BEYOND MONITORING

The SOC is staffed with security and compliance experts who provide the wealth of knowledge required to secure an organization's environment. Beyond around-the-clock security monitoring, this specialized team of experts routinely completes the following tasks for customers:

- Complete threat investigations and analysis to deliver recommended remediation steps to the impacted organization
- Deliver threat assessment reports to identify risks to applications, network, and computing infrastructure, based on threat intelligence mined from a variety of internal and external sources
- Reverse engineer malware and suspect applications to obtain valuable information in order to drive new security content used to protect Alert Logic's entire customer base from future compromises
- Perform PCI and vulnerability scans to determine at-risk systems for either compliance violations or known exploits

The SOC blends the operational function of security monitoring with in-depth analysis to effectively identify and mitigate known and unknown threats.

ALERT LOGIC SECURITY TEAMS

CUSTOMER CARE
This first line of customer support receives all incoming support calls from the 2,700 customers serviced by Alert Logic. Issues reported by customers are assigned to the appropriate Alert Logic SOC team for resolution.

APPLIANCE SUPPORT
This team supports and monitors over 250,000 appliances, both physical and virtual, deployed at customer premises and service provider facilities, to ensure data is being collected and delivered to the Alert Logic Cloud as expected. When appliances are offline or not functioning as expected, a team member will work with the customer and/or service provider to resolve the issue.

THREAT INVESTIGATION AND ANALYSIS TEAM
This team investigates identified incidents from the millions of security events collected daily. The analyst ensures the validity of the incident and performs detailed analysis in order to understand the potential impact. When required, the analyst will contact the impacted customers to explain the incident and provide recommended resolution steps. This team also responds to customer requests for detailed investigations of specific events, including interpretation of raw event data.

LOG REVIEW TEAM
These analysts complete a daily review of log data collected from customer assets. The review entails performing a detailed analysis of over 20 predefined, automatically generated reports with the goal of identifying security and/or compliance issues. The Log Review Analyst provides these reports, as well as a synopsis of their findings, to over 700 customers daily. This team may also assist customers in searching through their stored log data. The Alert Logic Cloud currently stores and manages over 4 million petabytes of log data.

WEB APPLICATION FIREWALL (WAF) TEAM
These analysts provide management for the Alert Logic Web Security Manager solution. This team is staffed with specialists trained in the proper configuration, tuning, and maintenance of WAF technology to ensure uninterrupted availability and continuous protection. The combination of Alert Logic Web Security Manager with 24x7 management by the Web Application Firewall Team empowers organizations to offload a resource-intensive responsibility without sacrificing their security posture.

SECURITY CONTENT
This team is responsible for ingesting multiple data feeds and producing content on the latest threat vectors and breaches. This content enables the Alert Logic analytics engine to eliminate irrelevant security events and home in on those that warrant further investigation by the Alert Logic SOC.

THREAT INTELLIGENCE
The threat intelligence team mines a variety of sources looking for information that will ultimately feed into the creation of new security content. This team is comprised of experts in the methods and tactics used by cyber criminals to penetrate networks, exploit application and system vulnerabilities, and exfiltrate sensitive data. With this specialized team working nonstop to identify threats and attacks, organizations are protected at a level that surpasses the capabilities of most internal IT teams.

SOC SERVICES

The Alert Logic SOC transforms the information generated by security tools into useful and actionable knowledge, allowing customers to save time and money by focusing their efforts on remediation rather than investigation.

ACTIVEWATCH for THREAT MANAGER
This service monitors Threat Manager intrusion detection and vulnerability scan activity, analyzing each incident and escalating according to specific customer requirements. When incidents are identified, Alert Logic's security analysts provide guidance on remediation.

ACTIVEWATCH for LOG MANAGER
ActiveWatch for Log Manager is a managed service that delivers 24x7 analytics and continuous security monitoring of your log data, identifying potential security and compliance issues that could be impacting your organization. Unlike other costly and incomplete managed security services, ActiveWatch for Log Manager provides detailed information about issues and recommendations to return your environment to a trusted state. This service also satisfies the daily log review requirements of PCI DSS 3.0 in an automated fashion.

ACTIVEWATCH for WEB SECURITY MANAGER
This service provides a dedicated web application security team to proactively monitor the Alert Logic Web Application Firewall, identify and implement required policy changes, respond to incidents, and provide ongoing tuning services as new threats appear.

ACTIVEWATCH PREMIER
ActiveWatch Premier provides access to cutting-edge anomaly detection technology for enhanced detection of Advanced Persistent Threats, malware activity, and zero-day attacks in near real time. In addition, ActiveWatch Premier customers have a named analyst who reviews and interprets all security data from each Alert Logic solution daily, applying an understanding of the customer's technology and business environment to identify relevant issues and concerns.

LOG REVIEW
The Log Review team completes the daily log review required by many common compliance mandates, such as PCI and HIPAA. Each day, analysts use the Alert Logic Log Manager solution to analyze event log data, track and escalate issues, and send notifications to customers when potential issues that expose the organization to compliance violations are discovered.

SCANWATCH
Alert Logic's ScanWatch PCI managed service offering provides the required Approved Scanning Vendor services and reports needed to meet PCI compliance requirements for quarterly external vulnerability scanning. The service also provides customers with the self-service scanning tools needed to establish an external vulnerability management program.

MEET THE TEAM

The Alert Logic SOC staffs GIAC-certified security analysts with a wide range of security backgrounds and areas of expertise. With varying degrees of education and experience, each analyst brings his or her own talents to the team. It is this diversity that makes the Alert Logic SOC able to effectively analyze and respond to the evolving breadth of threats.

Analysts respond to security incidents identified by Alert Logic technology, providing detailed root-cause analysis and recommendations that enable a customer to return to a trusted state.

Senior analysts provide in-depth incident investigations when required. Additionally, these analysts work on casework requested by customers, as well as pure threat analysis to identify patterns of activity that may indicate new threats.

Security Content Researchers review data intelligence feeds in order to create comprehensive security content that provides the broadest, most comprehensive threat coverage possible for customers. This expert provides mission-critical output that allows the security analysts to avoid time-consuming investigations into false positives.

Threat Intelligence Analysts mine a variety of sources looking for information that will ultimately feed into the creation of new security content. This analyst is an expert in the methods and tactics used by cyber criminals to penetrate networks, exploit application and system vulnerabilities, and exfiltrate sensitive data.

ALERT LOGIC EXPERT CERTIFICATIONS

WHAT IS GIAC?
Global Information Assurance Certification (GIAC) is the leading provider and developer of Information Security Certifications. GIAC tests and validates the ability of practitioners in information security, forensics, and software security. GIAC certification holders are recognized as experts in the IT industry and are sought after globally by government, military, and industry to protect the cyber environment.

SECURITY CERTIFICATIONS

U.S.-EU & U.S.-Swiss Safe Harbor Frameworks
In its ongoing commitment to maintain the strictest control standards on data security, Alert Logic maintains a certification of compliance with the U.S.-EU Safe Harbor program. The Safe Harbor program bridges the differences in approach to privacy data handling between the U.S., the European Union, and Switzerland, and it provides a streamlined means for U.S. organizations to comply with the privacy laws of each country.

AICPA Service Organization Control Reports
An independent public accounting firm has issued two Service Organization Control reports in relation to Alert Logic's Security-as-a-Service solutions. Service Organization Control reports are designed to help service organizations that operate information systems and provide information system services to other entities build trust and confidence in their service delivery processes and controls. This audit was completed in accordance with the attestation standard of the American Institute of Certified Public Accountants (AICPA), referred to as SSAE No. 16. SSAE No. 16 is the auditing standard developed in 2011 by the AICPA to replace SAS 70 and align U.S. and international standards, creating a more global, unified standard. Alert Logic has successfully completed the industry standard audit since 2008.

ABOUT US

Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system, and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 2,700 organizations worldwide. Built for cloud scale, our patented platform stores petabytes of data, analyzes over 400 million events, and identifies over 50,000 security incidents each month, which are managed by our 24x7 Security Operations Center. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Seattle, Cardiff, and London. For more information, please visit www.alertlogic.com.

Security. Compliance. Cloud.

© 2014 Alert Logic, Inc. All rights reserved. Alert Logic and the Alert Logic logo are trademarks, registered trademarks, or service marks of Alert Logic, Inc. All other trademarks listed in this document are the property of their respective owners.