mSIEM Enhanced

Are you able to respond to alarms and conduct security investigations, but occasionally need another set of expert eyes to make an assessment? With our Enhanced service, we take care of the platform 24x7 while you focus on security, but we back you up with highly skilled analysts who can help you work through complex incidents. And we meet with you quarterly for a more holistic review of the platform and configuration.

mSIEM Enhanced plays directly off mSIEM Essentials, thus contains everything mSIEM Essentials does, yet adds a layer of investigation. The client is still working the alarms, but can escalate and/or route alarms they do not understand to our SOC for validation and corroboration. This particular scenario is good for shops with dedicated staff to alarm monitoring. Castra Consulting has likely seen the alarm before, and/or has innate understanding of how the alarm was generated and can walk the client through the investigation process, then assist with next action considerations - next actions could include tuning/filtering/rewriting or validation of the alarm.

All elements of mSIEM Essentials plus:

Alarm Review
• Customer may escalate alarms for expert analysis
• Response and recommendations within 3 business days
• Advanced alarm response and forensics available for additional fees on a per-incident basis

Learn More