Managed Event Correlation Service
(MSS-SIEM)
The Managed Event Correlation and Incident Handling Service (MSS-SIEM) is a “Security as a service” (SaaS) offering to provide visualization to data from various sources specified by the client, converts this into actionable intelligence for incident response alerting and reporting. Together with GLESEC’s Orchestration’s platform, this service integrates security information from endpoints and servers with other sources to increase confidence, reduce time to mitigate and eliminate blind spots.
How does it work?
Turnkey, Security as a Service. The service is provided both on-premise and also as an option on the cloud and it works by linking a number of sources pre-identified with the client to capture information from these sources and send to GLESEC (either the collector at the GMSA appliance or collector at GLESEC’s IDC). GLESEC’s Professional Services works with the client to setup the capture of information logs and classification of the data. The information collected is displayed in a number of dashboards. These are specific for the type of information obtained. GLESEC Operations follows established Playbooks for incident response handling.
- Two options for delivery. One is cloud-based and the other is on-prem by using GLESEC GMSA Appliance).
- GLESEC Professional Services integrates the approved information sources to GLESEC’s platform for proper data collection, identification and analysis.
- GLESEC’s Secured Operation Centers monitor, hunt and respond based on established playbooks 7x24x365 to contain, mitigate, alert and report.
- Client’s access to the GLESEC’s Orchestration platform (based on contract of Orchestration service) providing visibility of the various elements of the GLESEC 7eCSMTM framework. This allows access to detailed dashboards and reporting as well as the Case & Resource Utilization application, News service and other tools. The Case & Resource Utilization application is used to manage the full lifecycle process for threat identification and mitigation that takes into consideration all the communication interaction with various levels of the client’s organization.
GLESEC’s approach to threats starts with RISK of Critical Assets to identified vulnerabilities and threats and then drill-down to each for remediation and investigation is both integral and unique
Sergio Heker, CEO
BENEFITS
The benefits of this service are:
Provides peace of mind in the detection, identification and protection. Reduction in mitigation.
Promotes a continues risk-reduction and on-going cyber-security improvement and mitigation process.
Optimization of the use of existing security controls by applying incident response from GLESEC’s operations to data collected from the organization.
Helps eliminate cyber-security risk factors that can impact business operations.
Augments the internal staff by partnering with an organization with core competency in cyber-security operations.
Meets compliance in regulatory requirements
Most cost-effective solution based on the benefits of outsourcing.
This service can be classified according to the following table:
Monitoring
Yes
Testing
Protection
Compliance
Forensic
Yes
Remediation
Mitigation
Yes
Each of the MSS services can be mapped to one of the seven elements of the 7eCSM.
In this case the mapping is:
