Custom Built Managed Services Solutions
Herjavec Group has demonstrated an innate ability to add value and context to its enterprise security customers globally, both on premises and in the cloud. Herjavec Group’s managed security service practice relies on two custom-built solutions:
Herjavec Group Threat Framework
Herjavec Group Threat Framework is our starting point to gain visibility and baseline activity in each client environment. The Threat Framework allows dynamic and evolving threat modelling to be applied within any organizational environment at the SIEM level.
We apply a set of core and advanced use cases at the SIEM level to capture log data across the Threat Framework Targets. When an applicable use case occurs, an email is triggered to Herjavec Group’s Analytics Platform.
The Analytics Platform then performs automated functions to filter, correlate and enrich the information, preparing a standardized ticket ready for investigation by a Herjavec Group security analyst, working in one of our 24x7x365 Security Operations Centers.
The Threat Framework covers key attack categories including:
- Targeted Attacks
- Traffic Anomalies
- Suspicious Activity
- Policy Violations
- Operational Scenarios
- Behavior Analytics
- Advanced Scenarios
Herjavec Group Analytics Platform
Herjavec Group’s Analytics Platform filters threat intelligence and customer data into actionable, relevant alerts. Alerts enriched using Herjavec Group’s Threat Framework are processed through the Platform, which automatically performs additional enrichment functions, including IP reputation lookup, protocol parsing, deduplication and rule suppression, before preparing a readable output for Herjavec Group’s security analysts to review and action accordingly.
Key features of the Analytics Platform include:
- Cross-Client Correlation
- Anomaly Detection
- IP Reputation Scoring
Herjavec Group Cloud SIEM
Core to our Managed Services practice, Herjavec Group’s Cloud Security Information & Event Management (SIEM) platform offers simple and scalable log aggregation and data analytics with live dashboards composed of customized charts, tables, and alerts. The platform is scalable to the size of your complex environment, offering unparalleled speed and efficiency.
The key benefits to Herjavec Group’s Cloud SIEM platform include:
- Scalable Performance – This service grows with you. Ongoing monitoring of gigabytes per day will determine the need for additional growth and coverage. Proactive provisioning will ensure complete coverage of your most important log sources.
- Simplicity & Fast Time to Value – Herjavec Group Cloud SIEM offers little overhead in terms of complex infrastructure. Featuring a single virtual or physical collector on premises to collect and transport critical logs, the core analytics and live dashboards occur securely within Herjavec Group’s Cloud.
- Complete Coverage End-To-End – Through proactive management within our Security Operations Centre (SOC), our experienced team configures and filters your SIEM service to maximize the investment and ensure the most critical events are actioned.
- Visualized and Real-time Dashboards 24/7/365 – Your logs are reviewed in real time within Herjavec Group’s Security Operations Centre and your customized dashboards are continuously updated so you always have an accurate snapshot of activity within your environment. Our team of security specialists will respond to alerts as they happen, based on incident and escalation policy.