Security Information & Event Management (SIEM)

FishNet Security provides a customized approach and understanding for each organization. Our consultants recognize business drivers and goals, and tailor solutions to meet the specific initiatives of each organization.
FishNet Security provides services to assist any organization’s response to incidents, develop overall incident management programs, and test its incident response capabilities. Our consultants utilize industry best practices to assist you in the growth and maturity of your incident management program. FishNet Security also provides skilled consultants on short notice to assist in the response to an organization’s specific needs. FishNet Security has sent consultants internationally on less than 24 hours’ notice to obtain digital evidence and perform an investigation on the identified evidence.


Benefits

  • Reduce costs by up to 40 percent through decreased staffing, training, management and maintenance while improving network security, compliance, reporting and threat management
  • Provide continuous event visibility with 24x7x365 monitoring, which improves compliance and raises your organization’s overall security posture
  • Leverage FishNet Security’s product procurement and deployment pricing advantages to reduce the costs associated with SIEM product rollout
  • Gain 24x7x365 visibility through a customizable web-based portal dashboard to provide assurance and confidence that your SIEM initiatives are being properly managed
  • Allow flexible reporting methodology to deliver industry vertical- and compliance-specific reports to you to ensure that complex compliance and auditing requirements have been met

Service Details

Management

  • Creation and maintenance of device groupings
  • Content and signature updates
  • Creation, modification and maintenance of “watch lists”
  • Upgrades and OS Patches

Reporting

  • Create and maintain dashboard views for business owners, security and IT personnel
  • Create, maintain and validate monthly compliance and security reporting

Monitoring and Alerting

  • Creation, modification and alerting based on preset correlated rules and events
  • Escalate alerts based on a client’s incident policies and procedures
  • Perform task triage for defined events
  • Prepare data for forensic analysis
  • System health and device status

Supported Platforms

  • EMC/RSA enVision Platform
  • IBM Q1 Labs QRadar Platform
  • LogRhythm