HG Managed Services
Herjavec Group’s Managed Security Services practice is SOC 2 Type 2 certified and defends your organization from increasingly sophisticated, targeted cybercrime threats. We take on the day-to-day defense of your infrastructure by monitoring your network, systems and data 24 hours per day, 7 days per week, 365 days per year, on premise or in the cloud.
Recognizing that security is not purely a technology issue, we combine technical and human intelligence to enrich the information and alerts shared with our customers. We offer two streams of service:
- Proactive Threat Detection which includes logging, correlation, & threat hunting
- Security Technology Management which includes certified optimization, administration, best practices & health checks
Core Managed Security Services
- IT Security information and event management
- Intrusion prevention and detection
- Application security
- Next generation firewalls
- End point protection
- Data loss prevention
- Web proxy and URL filtering
- Vulnerability management
- File integrity monitoring
- Threat Hunting
- Security Monitoring
- Alert Escalations driven through Analytics Platform
- Security Event Investigation
- Dedicated Technical Expertise
- Social Media Threat Monitoring
- Patch & Hotfix Management
Our Managed Security Services are supported by our state of the art, PCI Compliant, geo-redundant, Security Operations Center.
Herjavec Group has demonstrated an innate ability to add value and context to its enterprise security customers globally, both on premise and in the cloud. Herjavec Group’s managed security service practice relies on two proprietary technology pillars:
Herjavec Group Threat Framework
The Threat Framework allows dynamic and evolving threat modelling to be applied within any organizational environment. Herjavec Group focuses on meaningful security use cases to proactively identify attacks by applying the Framework to onboarded technologies & threat intelligence products in the client’s environment.
The Threat Framework covers key attack categories including:
- Targeted Attacks
- Traffic Anomalies
Herjavec Group Analytics Platform
Herjavec Group’s Analytics Platform filters threat intelligence and customer data into actionable, relevant alerts. Alerts enriched using Herjavec Group’s Threat Framework are processed through the Platform, which automatically performs additional enriching functions including IP reputation look up, protocol parsing, deduplication & rule suppression, prior to preparing a readable output for Herjavec Group’s security analysts to review and action accordingly.
Key features of the Analytics Platform include:
- IP Rep Lookup – Correlation of source address with known adversaries
- Protocol Parsing – Identification and translation of common protocols
- De-duplication – Suppression of multiple messages of a recognized alert
- Alert Trending – Correlating alerts based on time and frequency of notable event
- Rule Suppression – False positive elimination with triggered rule exclusion
- White & Black List – Active filters to ignore or highlight specific sources
Herjavec Group Cloud SIEM
Core to our Managed Services practice, Herjavec Group’s Cloud Security Information & Event Management (SIEM) platform offers simple and scalable log aggregation and data analytics with live dashboards comprised of customized charts, tables, and alerts. The platform is scalable to the size of your complex environment, offering unparalleled speed and efficiency.
The key benefits to Herjavec Group’s Cloud SIEM platform include:
- Scalable Performance – This service grows with you. On-going monitoring of gigabytes per day will determine the need for additional growth and coverage. Proactive provisioning will ensure complete coverage of your most important log sources.
- Simplicity & Fast Time to Value – Herjavec Group Cloud SIEM offers little overhead in terms of complex infrastructure. Featuring a single virtual or physical collector on premise to collect and transport critical logs, the core analytics and live dashboards occur securely within the Herjavec Group’s Cloud.
- Complete Coverage End-To-End – Through proactive management within our Security Operations Centre (SOC), our experienced team configures and filters your SIEM service to maximize the investment and ensure the most critical events are actioned.
- Visualized and Real-time Dashboards 24/7/365 – Your logs are reviewed in real time within Herjavec Group’s Security Operations Centre and your customized dashboard are continuously updated so you always have an accurate snapshot of activity within your environment. Our team of security specialists will respond to alerts as they happen, based on incident and escalation policy.