Managed Event Correlation Service
The Managed Event Correlation and Incident Handling Service (MSS-SIEM) is a “Security as a service” (SaaS) offering to provide visualization to data from various sources specified by the client, converts this into actionable intelligence for incident response alerting and reporting. Together with GLESEC’s Orchestration’s platform, this service integrates security information from endpoints and servers with other sources to increase confidence, reduce time to mitigate and eliminate blind spots.
How does it work?
Turnkey, Security as a Service. The service is provided both on-premise and also as an option on the cloud and it works by linking a number of sources pre-identified with the client to capture information from these sources and send to GLESEC (either the collector at the GMSA appliance or collector at GLESEC’s IDC). GLESEC’s Professional Services works with the client to setup the capture of information logs and classification of the data. The information collected is displayed in a number of dashboards. These are specific for the type of information obtained. GLESEC Operations follows established Playbooks for incident response handling.
GLESEC’s approach to threats starts with RISK of Critical Assets to identified vulnerabilities and threats and then drill-down to each for remediation and investigation is both integral and unique
Sergio Heker, CEO
The benefits of this service are:
This service can be classified according to the following table:
Each of the MSS services can be mapped to one of the seven elements of the 7eCSM.
In this case the mapping is: