Managed Services & Solutions

mSIEM - pronounced "em SIM" or "em SEEM"

If you have IT infrastructure, then you have assets that are under constant threat. How do you detect if your systems are attacked? Would you know if your data was stolen or altered? What if malware was placed on a critical server? Many security products promise to protect you, but breaches keep happening. Our tools and expertise help you monitor your systems, network and other critical elements to identify suspicious activity and act before it’s too late.
mSIEM Elite

Our most in-depth service. Our Security Operations Center (SOC) watches your network, investigates security alarms, tunes the system for better visibility, and works with you when they find anomalies. You don’t need to manage the security platform or watch the console day by day - we do that for you. Let us take care of it all while you focus on your business.
mSIEM Enhanced

Are you able to respond to alarms and conduct security investigations, but occasionally need another set of expert eyes to make an assessment? With our Enhanced service, we take care of the platform 24x7 while you focus on security, but we back you up with highly skilled analysts who can help you work through complex incidents. And we meet with you quarterly for a more holistic review of the platform and configuration.
mSIEM Essentials

Do you review the alarms and reports from your security tools, but don’t have time to maintain them? Our Security Operations Center (SOC) monitors 24x7 while you focus on investigations. Let us take care of patches, updates, health & performance, security enhancements, data flow, and troubleshooting while you focus on analysis. We meet with you quarterly to review your security posture and recommend improvements.
mSIEM Elements

A co-managed solution for meeting policy requirements. mSIEM Elements is an Open Source Host and Endpoint Security platform with a real-time and user-friendly log searching console for your OS logs and Alerts.

Services

Threat Feeds & Vulnerability Scanning

Many clients have Threat Feeds or Vulnerability Scanning tools in addition to AlienVault. Castra Consulting can bridge the gap between the two.

mSIEM T3/T4

If you have managed a SIEM or USM before, you know new questions pop up every month. The Castra SOC and Consulting team can help as an on-demand T3/T4 service.

Active Response

Netshield’s Snoopwall

Using Netshield's Snoopwall, Castra Consulting can add Active Response to the client platform.

Brand and Executive Exposure Monitoring

With 4IQ, Castra can add deep web and dark web monitoring for client Brand and Executive exposure, and of course bring that into any platform for notification purposes.

Consulting

Do you have a custom application or system not currently supported by the USM platform? You certainly want to capture those logs for correlation, reporting, and compliance. Our team can build plugins to integrate these other data sources into the system so that you can get real value from them.

What about other IT infrastructure, like a 3rd party ticketing system or a business analytics tool? Do you need to link in your security platform to make sure that the right people get the right data to protect your network? We can do that, and we’ve done it successfully many times already with a variety of well-known tools on the market.

Want to take security response to the next level by triggering automatic blocks, data forensics captures, network traffic recording, or other actions? Our security-savvy development staff can build the automation and connect together systems that, until now, required your team to manually hop between them and respond.

Professional Services

Available after project scoping.

Custom Integrations

If it has an API, we can make it work

If it doesn't have an API we can likely make it work

• Custom Threat Feed Integration
• Remote system integrations
• Custom log ingestion
• Active Response
OSSEC

OSSEC actively monitors all aspects of Unix system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring.
Soltra

Castra has developed technology integrating the Soltra Edge platform with AlienVault's OTX.