Threat Detection + Security Information and Event Management (SIEM) Services

Managed Threat Detection & SIEM Services

Better Visibility and Faster Response Times Means Less Business Risk

The best threat detection solution considers what is happening with where it is happening, combining organisational context with threat intelligence and event correlation. Working with a security specialist to understand the best fit for your specific needs can help make the process of setting up and managing threat detection more effective with less cost.

Key Business Benefits

Security Information and Event Management (SIEM) is a complex solution, involving design, deployment, development and management phases. At Security Centric, we provide management and assistance throughout the SIEM lifecycle. We can help you choose the right threat detection/SIEM solution, ensure your policies and procedures maximise their value and enable you to respond quickly and efficiently to relevant events and incidents.

  • Ingest of event data into best-of-breed commercial security analytics platform, to be securely stored, indexed and correlated.
  • 12 months online retention of all event data to facilitate rapid investigation including correlating recent suspicious activity with older data and support formulation of timeline.
  • Rapid incident response engineering and forensic services.
  • Security Centric red-teaming expertise is applied across the entire Assess-Secure-Detect-Respond security lifecycle.
  • A large repository of dashboards, views, searches, correlations, insights, reports and alerts are available to provide rapid time-to-value.
  • Logs are immutable to make deleting or modifying events impossible – either through malicious actions or accidentally.

 

Actionable, not Noisy Alerts

The threat detection solution is built on a cloud native platform that aggregates and ingests log data from critical pieces of infrastructure, which uses machine data analytics and automated threat intelligence to provide contextualised security information and event management. The solution combines many of the leading and effective approaches into a single integrated highly accurate threat detection platform. This is achieved through:

  • Our tailored onboarding process to identify key characteristics of normal, not-normal and abnormal/suspicious activity;
  • Integration of multiple threat intelligence feeds, overlayed onto the client’s environment activity data;
  • A large pattern database of past compromise techniques and event signals;
  • Intelligent risk scoring of secondary attributes from third-party sources, such as obfuscation techniques, VPN endpoints, proxy avoidance sources, command and control sources, reputation databases, ISP and geographic databases;
  • Machine learning of business-as-usual usage characteristics, including configurable standard deviation variation boundaries, time of day learning and risk scoring based on primary and secondary characteristics;
  • Using ‘red-teaming’ and real-world compromise forensics to train the platform to detect actual threats and ignore false positives; and
  • Custom-developed alerting and reporting systems to meet the needs of business and technical representatives, providing actionable rather than voluminous information.

Scalability and Flexibility

Get the resources that you need, when you need them. Security Centric are able to customise your threat detection plans for your business needs now, and adjust them in the future to suit organisational requirements.

Access to an Expert Team

Threat detection technology is only one part of the SIEM equation. Ensuring that you have access to an experience team of human intelligence to sort out the threats from the noise is at the heart of reducing risk. Security Centric's team of skilled analysts and engineers are at your fingertips for a fraction of the cost of an in-house team.

Independent Validation

Make meeting compliance requirements or providing evidence for risk assessments more efficient by utilising an external security team. Removing the pressure on your organisation's resources and allowing your staff to get on with what they do best, while we take care of the rest.

Get in Touch

Talk to us to find out how outsourcing CISO responsbilities to Security Centric can increase the security posture of your organisation.
Get in Touch