Managed SIEM

As network traffic and complexity increase, threat and compliance issues call for real-time alerting, correlation, analysis and auditing that can only be accomplished with security information and event management (SIEM) technology and a vigilant team of IT experts. GTIS Managed SIEM services provide world-class expertise, threat intelligence, efficiency and automation otherwise unavailable to most organizations.

Overview

As part of the Managed SIEM service, any customer premises equipment (CPE) is set up and maintained by GTIS, so you can breathe easy and focus on your core business.

GTIS Managed SIEM can also help businesses achieve compliance with regulations and requirements, including the Payment Card Industry Data Security Standard. Additionally, as a leader in compliance solutions, GTIS works with point-of-sale (POS) vendors to develop specific logging support for in-store payment solutions.

Managed SIEM ranges from simple agent-based solutions to our Log Management and SIEM Enterprise Appliances. These appliances offer extensive capabilities for additional correlation, reporting and ad-hoc analysis, both locally on the appliance and via services provided through our Security Operations Centers.

With GTIS Managed SIEM, businesses can access our TrustKeeper web-based portal to view data and access reports related to security events, alerts and incidents.


With GTIS Managed SIEM, you can expect:

Around-the-clock support from five Security Operations Centers, staffed with experts who have in-depth knowledge and experience working with complex, highly distributed network environments. Save time and money while reducing your burden.

TrustKeeper Platform: All GTIS Managed Security Services are available through the GTIS TrustKeeper cloud and managed security services platform. With more than two million businesses enrolled, TrustKeeper is the portal through which businesses access a variety of subscription-based GTIS offerings, ranging from enterprise-grade managed security services to compliance and security automation tools for small- and medium-sized businesses.

Integrated threat intelligence from SpiderLabs, the GTIS advanced threat research team. Let this highly skilled group worry about your security so you don’t have to. Increase your uptime by preventing infections and keeping malware out.

Compliance support for any of a number of regulations and industry standards, including FFIEC/GLBA, SOX, HIPAA and more. We have deep expertise in compliance and can help you navigate the complexity of these mandates.

Great value with zero capital investment, transparent flat-rate pricing, and reduced, predictable long-term costs.

Features

Security

Advanced Correlation and Threat Management

Our industry-leading correlation engine offers flexibility and configurability to meet your evolving needs. Functionality includes rule, vulnerability, statistical, historical, heuristic, threat, asset, behavior and risk-based support.

Deep Forensics

Boolean logic filtering enables you to search for in-depth data at your fingertips. You can easily save, share and reuse searches, filters, lists and reports through an easy-to-use wizard-like interface.

Big Data

Our SIEM portfolio incorporates advancements that address bigger data and analytic challenges. The product has a highly scalable, distributed architecture capable of collecting, normalizing, correlating and reporting on more data than ever before.

Compliance

Audit Ready

Our SIEM portfolio lets you effectively meet your audit needs with consistent controls based on best practice frameworks and regulatory and industry requirements. Real-time control monitoring, compliance reporting, automated compliance alerting, notification and scheduling capabilities ensure your organization stays ahead of the threat curve.

Mandate Friendly

Our SIEM portfolio employs a consistent set of controls from best practice frameworks and regulatory, industry and GRC requirements – and then monitors control performance in real time. Compliance control coverage is included at no additional cost.

Enhanced Reporting

More than 600 compliance-focused reports, with more than 2,600 overall reports, are available. The reports can be scheduled or run ad-hoc against alerts, events and trend data. Configurable dashboards, correlations and filters let you quickly gain value and reduce risk.

Operations

User Experience

Our SIEM portfolio includes a familiar browser-based UI design with workflow support for analyst threat monitoring and incident response tasks. A ‘Finder’ function significantly enhances the ability to quickly identify events and activities of interest.

Operational Maintenance

Easy-to-install data modules enable standard and customized log acquisition from almost any audit source – all complemented by automated updates and centralized management. This enables collaboration among various departments.

Blended Architecture Support

Our SIEM portfolio complements existing investments in GTIS Log Management Appliances and GTIS SIEM Enterprise Appliances to help simplify large and complex deployments.

How It Works

GTIS Managed SIEM collects, analyzes and stores logs from networks, hosts and critical applications. This service extends visibility beyond the network perimeter to the application layer, helping businesses achieve more effective identification and mitigation of security threats, and compliance validation with numerous regulatory and industry standards.

We know that one size does not fit all, and GTIS Managed SIEM includes flexible options that provide customers with various choices in matching their needs with the security and compliance services that GTIS delivers. GTIS Managed Security and Compliance Monitoring services rely on audit logs to securely transmit data back to our SOCs and provide service tiers – which may be utilized individually or mixed and matched according to specific business needs – made up of the following:

Cloud Log Monitoring Service

  • Customers conduct their own monitoring via the GTIS TrustKeeper portal
  • Automatic alerts to defined threats
  • GTIS implements and maintains Managed SIEM

Managed Compliance Monitoring Service

  • Periodic compliance-focused review by a GTIS SOC analyst and notification of threats
  • Customers leverage the GTIS TrustKeeper portal for additional self-service review
  • Multiple deployment options
  • Automated alerts to defined threats
  • GTIS implements and maintains Managed SIEM

Managed Threat Analysis Monitoring Service

  • 24×7 continuous monitoring of high-value security devices
  • Customers leverage the GTIS TrustKeeper portal for additional self-service review
  • Additional security-focused alerting
  • Automated alerts to defined threats
  • GTIS implements and maintains Managed SIEM