mSIEM Elite

Our most in-depth service. Our Security Operations Center (SOC) watches your network, investigates security alarms, tunes the system for better visibility, and works with you when it finds anomalies. You don’t need to manage the security platform or watch the console day by day - we do that for you. Let us take care of it all while you focus on your business.

mSIEM Elite takes care of the two main roles described above. This is the premier solution, and triaged alarms are reported to the client via in-platform ticketing or their preferred method of notification.

All elements of mSIEM Essentials plus:

Customized Threat Detection
• Expert assistance on new service deployment from Security Operations Team
• Intensive analysis of customer needs and network environment
• Custom configuration of AlienVault platform
• Vulnerability assessment scan tuning
• Correlation optimization and alarm tuning assistance

Recurring Performance Reviews
• Scheduled teleconferences with Security Operations Team covering:
◦ Alarm review and noise reduction
◦ Capacity planning
◦ Risk posture adjustments
◦ Report customization

Ongoing Health Monitoring
• 24×7 monitoring of appliance health by Security Operations Team
• Cloud-based platform continuously monitors:
◦ Hardware and software stats
◦ Event flow rates
◦ Capacity and performance information
• Proactive tuning and customer notification upon problem detection

Alarm Review
• Customer may escalate alarms for expert analysis
• Response and recommendations within 3 business days
• Advanced alarm response and forensics available for additional fees on a per-incident basis

Premium Alarm Monitoring and Response
• 8×8 alarm monitoring for devices and logs feeding client SIEM
• Proactive tuning and/or customer notification upon incident detection
