SIEM Solution Overview
SIEM Expertise – start to finish. It’s what you are looking for, it’s what Vigilant has, and it’s what virtually no other company can provide.
- Deep understanding and certification on leading Security Information & Event Management (SIEM) vendor technologies, including system architecture, configuration, and performance tuning
- Years of experience delivering global SIEM deployments at Fortune 1000 clients
- Industry-specific requirements gathering and use case development for mission-critical solutions, such as User Activity Monitoring, Compliance Monitoring, and Loss Prevention (including real-time Fraud and AML)
- Proven Methodology that delivers business-oriented solutions, designed to enhance the corporate bottom-line
Our refined and field-tested services approach is designed to yield high Return-On-Investment for our clients. By employing our AUDITS™ Methodology, Vigilant implements SIEM technology to deliver solutions that solve true business problems.
- Assess - We assess a client’s current enterprise security architecture, in preparation for a real-time SIEM deployment. We look for opportunities to reduce costs by consolidating existing equipment and software. We determine how SIEM will best fit into the client’s enterprise security architecture to deliver maximum benefit.
  Typical Services at this stage include:
  o Enterprise Security Architecture Assessment
  o SIEM RFP Authoring & Process Management
- Understand - Vigilant then seeks to understand its client’s business requirements as they relate to SIEM. Defining requirements prior to beginning a SIEM project is critical to the eventual success of the initiative. Otherwise, implementations can become distracted by “feature tangents” and miss the intended mark. It is important to be practical in the deployment of SIEM, focusing on tangible and manageable steps that result in true business relevance.
  Typical Services at this stage include:
  o SIEM Assessments
  o Business Requirements Gathering
  o Vendor Scoring, Product Evaluations or Pilots
- Design - Based on completing a thorough Assessment of a client’s environment and thoroughly Understanding the business drivers behind a security management initiative, Vigilant will develop a technical design and project plan in preparation for the implementation.
  Typical Services at this stage include:
  o Conceptual Use Case Development
  o Technical Use Case Development
  o Solution Architecture
- Implement - Vigilant’s SIEM engineers will then implement the client’s SIEM solution based on Vigilant’s approved, detailed design.
  Typical Services at this stage include:
  o Development Lab Installation & Configuration
  o Hands-on SIEM solution development & testing
  o SIEM solution documentation
  o Development to Production Environment Cut-over
- Train - During the course of an engagement, Vigilant will develop a detailed Transfer of Knowledge document to assist the client in maintaining the work that Vigilant performed. Additionally, during all phases of the project, Vigilant encourages client personnel to participate. In this way, Vigilant can train the client’s personnel in the operation of the system. Vigilant also conducts formal classroom training in SIEM operations.
  Typical Services at this stage include:
  o One-to-one, Vigilant-Client training
  o Vigilant-led classroom training
  o Review of SIEM Operations Manual
- Support - One of the most compelling services that Vigilant offers is the ongoing support of SIEM solutions, through our SIEM Co-Sourcing Service. Co-Sourcing provides the 24x7 monitoring of traditional MSSP outsourcing, with the added benefit of a tailored SIEM solution and without the risk of internal data transfer and exposure.
  Typical Services at this stage include:
  o 24x7 SIEM Monitoring & Management
  o Security Incident Response: Investigation, Remediation and Response
  o SIEM Content Tuning: Agents, Rules, Reports, Users
  o Database management: partitions, archives, tuning
  o New SIEM Content Development
  o Scanning and Certification Services
AUDITS™ Methodology