The SIEM service is provided using technology from RSA. The Herjavec Group's (THG) service involves the deployment of an RSA enVision on the customer's premises. This allows the customer to maintain control over its data and yet leverage the expertise and experience of THG consultants to review those logs and convert that data into meaningful information. Since the data is stored in its raw format and is encrypted, it can also be used for forensic analysis.
The enVision provides real-time alerting and reporting on events from the different devices present in the infrastructure. The powerful correlation engine very quickly alerts to malicious activity and enables the customer to make sense of vast amounts of data in a very short time. This significantly reduces the time to repair and restore and also reduces the possibility of malicious attacks going unnoticed.
Fully implemented and integrated into an enterprise, a Herjavec Group SIEM solution comprises leading technology, policy and process development, and highly skilled human resources on a 24x7 basis. The solution uses technology to collect and consolidate system log and security event data from throughout an enterprise network. Once stored, it is acted upon by several solution modules that enable the data to be filtered, queried, analyzed and reported on. Implementing a SIEM solution is highly likely to require changes or additions to an organization's information security department in the areas of process and manpower.
Security:
This is the most comprehensive and effective security solution that is currently available and viable to an enterprise. Through continuous monitoring of network devices and critical assets, events are collected, filtered, then correlated across monitored devices. False positives are eliminated in real time. When an actual threat is detected, reaction is immediate, thereby mitigating or removing the risk.
Log Management:
Since the job of a SIEM is initially to collect system events, effectively managing this data is a simple extension of that ability. Many solutions archive logs; what differentiates a SIEM solution is its ability to generate meaningful, useful reports and to search this archived data using complex queries unavailable to mere storage solutions.
Compliance and Audit:
Implementing SIEM takes reporting to an entirely new level. It provides the retrieval visibility that auditors require at a granular level, as well as specific reports that various industry and government regulatory bodies have mandated.
Governance, Risk and Compliance:
GRC is the business of managing risk, setting policy and processes, and making decisions regarding IT strategy. Using SIEM as a decision support tool, executives can draw upon its custom querying and reporting capabilities.