Catch the Bad Guys Red-Handed with SIEM (2:43)

by | Mar 5, 2020 | Security

With Managed Security Information and Event Management (SIEM) Services, you have an extra set of eyes searching for security breaches of your infrastructure. Combining this advanced detection technology with our expert team means your network is monitored, and security events are responded to, 24×7. With log correlation and automated alerts, cybercriminals don’t stand a chance!

Before we discuss the features included in our PULSE Alarm Managed SIEM service, it’s important to understand how SIEMs work. A SIEM is a piece of technology that receives, analyzes, and correlates security log data from across your network. As our team constantly tunes the platform, the SIEM becomes smarter. As the SIEM analyzes data, it sends alerts for potential breaches so that network compromises can be addressed as soon as possible. By alerting on this behavior, a well-managed SIEM can help break the three-step process of a cyber attack.

Anatomy of an Attack

Before we dive into the awesome features a managed SIEM service provides, let’s review the structure of a cyber attack. There are three phases to an attack: compromise, reconnaissance, and the attack itself. So let’s break down each step:

Step 1: Exploit Compromise – this is when the attacker first enters your network, most commonly via phishing or spearphishing emails, password spraying attacks, or exploitation of known vulnerabilities on network devices and servers.

Step 2: Reconnaissance & Further Exploitation – Once the hacker or attacker is in your system, they probe for other vulnerabilities, begin figuring out how they are going to get the information or money they want, and execute that plan.

Step 3: Launch the Attack – Lastly, the attacker launches their attack, whether that’s ransomware, data exfiltration, fraud committed against the victim’s customers, or any combination of these things.

Next, let’s talk features:

24×7 Security

With Peters & Associates’ PULSE Alarm, you will have 24×7 access to support, security monitoring, alerting, and response. This means you’ll have real-time alerting with ongoing rule and device tuning. This is great for small to medium-sized businesses that have limited time and budget to staff, train, and manage network security 24×7.

Rounding out the Security Picture

In addition to monitoring for active compromises, organizations need to be vigilant about spotting concerning trends and identifying vulnerabilities before the first stage of a cyber attack can commence. In our Managed SIEM service, PULSE Alarm, one of our security analysts reviews SIEM reports on a weekly basis to spot events that did not rise to a high severity level but should be investigated further. On a quarterly basis, our team runs an external vulnerability scan and provides a report to help address security vulnerabilities in the environment. All of these services combine to help prevent attacks from happening and, when attacks do strike, to detect breaches and reduce dwell time.

Are you ready to start using a Managed SIEM? Give us a call at 630.852.0075 or email us at info@peters.com. Our experts are here to help!
