Advanced SIEM

Security and compliance both require more than endpoint and network security.  AlertShield Advanced services provides vulnerability management and log management that provide the utmost in visibility of all of your systems.  Our 24×7 security operations team investigates alarms raised based on our ongoing monitoring and tuning of security tools.

  • SIEM log correlation collects and inspects logs from all servers, firewalls, switches, and routers and raises an alarm when suspicious behavior is detected across systems.  This vulnerability management service allows us to put 2 and 2 together in order to detect a security incident that otherwise would not have tripped an alarm on one specific device.  We also help you satisfy log retention requirements of PCI, HIPAA, and other regulatory requirements.
  • Real-time network behavior analysis learns your networks data patterns and raises an alarm when there is a variance from the norm that may indicate a compromise or data theft.
  • File integrity monitoring of key files and programs allows you to detect unauthorized changes to key system and application files.
  • Internal vulnerability scanning identifies security holes in your systems and our security engineers recommend changes to remediate the vulnerabilities.