Network Security Monitoring (NSM) is essential for maintaining control of your networks.
NSM helps:
- Maintain an overview of security incidents within your infrastructure
- Detect the details of any anomalies in your configuration or abnormal component behavior
We use technologies that support integration with a series of commercial solutions:
- ET Pro ruleset and Snort ruleset as Intrusion Detection Systems (IDS)
- Scanning files transferred within the network using VirusTotal Private API
- Automatic Atlassian Jira ticket creation
Our NSM is Based on Two Chief Components:
1) Sensor
- We select the appropriate hardware based on the given architecture and client demands for the sensor and SIEM
2) Security Information and Event Management (SIEM)
- Connects detected events
- Escalates events according to client demands
- Automatically escalates events to incidents
- Notifies responsible individuals or aggregates information into reports
Flexible APIs allow the SIEM to be integrated with logs from various network elements (system logs, application logs, firewall logs, honeypot logs, or logs from IDS/IPS solutions).
We’re also aware that security infrastructure cannot be reliably dealt with simply by using tools! That’s why we provide a solution that includes:
- A proposal for installing measuring points in the network
- Selection of the appropriate hardware for the given architecture and client demands for the Sensor and SIEM
- Installation of all components
- Setting detection rules and notifications according to client demands
- Training personnel