Custom Built Managed Services Solutions
Herjavec Group has demonstrated an innate ability to add value and context to its enterprise security customers globally, both on premise and in the cloud. Herjavec Group’s managed security service practice relies on two custom built solutions:
Herjavec Group Threat Framework
Herjavec Group Threat Framework is our starting point to gain visibility and baseline activity in each client environment. The ThreatFramework allows dynamic and evolving threat modelling to be applied within any organizational environment at the SIEM level.
We apply a set of core and advanced use cases at the SIEM level to capture log data across the Threat Framework Targets. When an applicable use case occurs, an email is triggered to Herjavec Group’s Analytics Platform.
The Analytics Platform then performs automated functions to filter, correlate and enrich the information, preparing a standardized ticket ready for investigation by a Herjavec Group security analyst, working in one of our 24x7x365 Security Operations Centers.
The Threat Framework covers key attack categories including:
- Targeted Attacks
- Traffic Anomalies
- Suspicious Activity
- Policy Violations
- Operational Scenarios
- Behavior Analytics
- Advanced Scenarios
Herjavec Group Analytics Platform
“Herjavec Group’s Analytics Platform and its incredible technical talent are solving the industry’s greatest challenge – a severe cybersecurity labor shortage”
Steve Morgan – CEO at Cybersecurity Ventures
Herjavec Group’s Analytics Platform filters threat intelligence and customer data into actionable, relevant alerts. Alerts enriched using Herjavec Group’s Threat Framework are processed through the Platform, which automatically performs additional enriching functions including IP reputation look up, protocol parsing, deduplication & rule suppression, prior to preparing a readable output for Herjavec Group’s security analysts to review and action accordingly.
Key features of the Analytics Platform include:
- Cross-Client Correlation
- Anomaly Detection
- IP Reputation Scoring
Herjavec Group Cloud SIEM
“ Within 72 hours of signing a contract we had our solution up and running, grabbing analytics, fine-tuning and we were able to get through a PCI audit in record time.”
Ed Fox – VP Network Services at MetTel
Core to our Managed Services practice, Herjavec Group’s Cloud Security Information & Event Management (SIEM) platform offers simple and scalable log aggregation and data analytics with live dashboards comprised of customized charts, tables, and alerts. The platform is scalable to the size of your complex environment, offering unparalleled speed and efficiency.
The key benefits to Herjavec Group’s Cloud SIEM platform include:
- Scalable Performance – This service grows with you. On-going monitoring of gigabytes per day will determine the need for additional growth and coverage. Proactive provisioning will ensure complete coverage of your most important log sources.
- Simplicity & Fast Time to Value – Herjavec Group Cloud SIEM offers little overhead in terms of complex infrastructure. Featuring a single virtual or physical collector on premise to collect and transport critical logs, the core analytics and live dashboards occur securely within the Herjavec Group’s Cloud.
- Complete Coverage End-To-End – Through proactive management within our Security Operations Centre (SOC), our experienced team configures and filters your SIEM service to maximize the investment and ensure the most critical events are actioned.
- Visualized and Real-time Dashboards 24/7/365 – Your logs are reviewed in real time within Herjavec Group’s Security Operations Centre and your customized dashboard are continuously updated so you always have an accurate snapshot of activity within your environment. Our team of security specialists will respond to alerts as they happen, based on incident and escalation policy.