Security Information Event Management (SIEM)
Security Information Event Management (SIEM) is an approach to security management that seeks to provide a holistic view of an organisation’s security through taking a combined view of information feeds from a varied set of capture points, both security tools and other apparatus.
The underlying principle of a SIEM system is that relevant data about an enterprise’s security is produced in multiple locations and being able to look at all the data from a single point of view makes it easier to spot trends and see patterns that are out of the ordinary. SIEM combines SIM (security information management) and SEM (security event management) functions into one security management system.
Comtact has partnered with LogRhythm – the largest and fastest growing independent security intelligence company in the world. The company’s patented and award-winning Security Intelligence Platform, unifying SIEM, log management, network forensics, host forensics and advanced security analytics, empowers organisations around the globe to detect and respond to breaches and the most sophisticated cyber threats of today, faster and with greater accuracy than ever before.
Traditonally SIEM systems have been expensive to deploy and complex to operate and manage. While Payment Card Industry Data Security Standard (PCI DSS) compliance has traditionally driven SIEM adoption in large enterprises, concerns over advanced persistent threats (APTs) have led mid-size organisations to look at the benefits a SIEM managed security service provider like Comtact can offer.
Our SIEM technology portfolio is across a diverse range of vendors with varying strengths and weaknesses given the customer’s varied estates against matched APIs of other vendors in our client’s IT eco-system. However, all technologies we work with are capable of meeting the challenge of bridging the gap between technology with the necessary process, people and insight inputs to be able to respond to cyber threats on a real-time basis.