Let's find a solution that fits your needs
Contact us to see how we can help with a no-cost initial consultation.
Request a Quote
e: [email protected]
p: 919.595.8560

Enhanced

We care for your platform 24x7 while you focus on triage

Are you able to respond to alarms and conduct security investigations, but occasionally need another set of expert eyes to make an assessment? With our Enhanced service, we care for your platform 24x7 while you focus on triage. Castra backs you up with highly skilled analysts who can help you work through complex incidents. We meet with you continually for a more holistic review of your platform and configuration.

Enhanced is a co-managed solution to help you meet policy requirements. Enhanced provides a great low-cost solution for entry-level SIEM tool sets. Enhanced also provides great value for companies trying to meet core compliance needs.

Enhanced provides periodic report improvements, tuning and SOC access as needed. Automatic notifications are offered based on your platform. Enhanced also includes Orchestrated Responses and on-demand consultative analysis. Your team handles initial triage and can escalate and route items to our SOC for validation and corroboration.

Enhanced is perfect for organizations with dedicated staff for alarm monitoring. When Castra reviews your alarms, you can trust that we have likely seen them before and can draw upon our experience-based understanding of how each alarm was generated. Castra will walk you through the investigation process, then assist with next action considerations, including options for tuning/filtering/rewriting or validating the alarm.

Enhanced includes the following services:

Customized Threat Detection

  • Expert assistance on new service deployment from Security Operations Team
  • Intensive analysis of customer needs and network environment
  • Vulnerability assessment scan tuning
  • 24×7 monitoring of appliance health by Security Operations Team
  • Customized orchestrated response if applicable
  • Correlation optimization and alarm tuning assistance
  • Ongoing platform improvements
  • Optional once-a-day alarm review by SOC

Ongoing Health Monitoring

  • Cloud-based platform continuously monitors:
    • Hardware and software stats
    • Event flow rates
    • Capacity and performance information
  • Proactive tuning and customer notification upon problem detection

Notifications and Compliance Dashboards

  • Custom notifications for Alarm outputs
  • Custom thresholding for different Alarm types and groups
  • PCI-DSS Dashboards
  • Custom dashboards and branding

Alarm Review

  • Customer may escalate alarms for expert analysis
  • Alarm response and recommendations
  • Optional once-a-day alarm review by SOC

Recurring Performance Reviews

  • Scheduled teleconferences with Security Operations Team covering:
    • Alarm review and noise reduction
    • Capacity planning
    • Risk posture adjustments
    • Report customization
