Security Information and Event Management (SIEM)
Every enterprise is experiencing constant threats of intrusion from multiple sources. These can no longer be assessed on an ad hoc or reactive basis. However, they can be captured through consolidated analysis of logs from operating systems, applications, databases, and network and security devices. Moreover, the ability to conduct real-time analysis of these logs is essential to detecting; preventing, and responding to cyberattacks.
Our Partnership with Paladion: Ensures Low-Cost, High-Value SIEM Environments
NCS leverages the full spectrum of resources available from Paladion, a world-leader in security solutions, to provide a complete line of advanced SIEM solutions within an extraordinarily cost-effective, managed security services provider (MSSP) delivery model.
The Paladion Security Operations Center
The Paladion Security Operations Center (SOC) is specifically designed for continuous management of internal and external security threats.
Features and Capabilities
- 400+ security experts
- Advanced correlation and analytics
- Integrates with all popular, on-premise SIEM solutions/frameworks
- 24 x 7 x 365 event monitoring services
- Real-time intrusion detection, alerts, and response
- Attack analysis and correlation for logs from multiple sources
- Multiple alert mechanisms
- Multi-vendor and scalable platform support
- Supports a large number of devices
- Smart bandwidth utilization
- Intelligent event capture
- Incident management and reporting
- Forensic analysis
- Risk-based prioritization of incidents
- Security dashboard offers online reports and visualizations: 250+ predefined report templates
Analytics: Millions of Events Culled Down to Actionable Insights
The Paladion security monitoring architecture is designed to collect, aggregate, normalize, and filter millions of events from thousands of assets across customer networks into a manageable stream, and rank them according to risk policies. Prioritized events are correlated, investigated, analyzed, and remediated using the advanced tools available to the SOC security practitioners.
You Connect Your Log Management Capabilities to Our Advanced SIEM Analytics Tools
The SOC is connected to our clients log servers via agents that report information to the Paladion Security Information and Event Management (SIEM) server at the SOC. Customer logs are parsed into individual streams using strict access controls.
If a security breach occurs, a response is executed, to diagnose and secure the threat. This enables our clients to protect, detect, respond to, and remediate security breaches as quickly as possible.
Our team of security experts can identify the root causes of incidents, and communicate the issues and responses to key IT and business managers. Inherent in this service is a crisis response plan, which enables our clients to investigate, assess, and contain security breaches.
Data Leakage Monitoring and Advanced Persistent Threats
Data leakage risks are most often associated with malicious insiders, vendors, partners, consultants, and outsourcers; all of whom generally have access to internal networks. Additionally, external attackers or viruses and worms may be sitting (unrecognized) inside the network, sending out confidential information.
Together, NCS and Paladion provide the technology and services to monitor data leakage, including:
- Requirements assessments
- Setting up the policies and technologies best suited to your data protection needs.
- Incident management and forensic analysis services, if necessary
To ensure the privacy of customer data, Paladion employs techniques that prevent content from being viewed by SOC personnel. The operators only view severity levels and classification of data violations, and then trigger alerts, along with response actions for prevention. Customer personnel then act on these alerts in concert with our forensic and incident management team at the SOC.
Paladion provides a broad range of information risk management technologies and consulting services to more than 700 large and mid-size organizations, worldwide. The company's portfolio of security and risk management offerings includes security strategy development, planning and implementation, security assurance, penetration assessments, code reviews, IT governance and compliance, security monitoring and analytics, managed security services, and risk management consulting.
Recognized as the largest pure-play risk management services provider in Asia, the company has been acknowledged and awarded by Gartner, Asian Banker, and Red Herring. Paladion is also actively involved in several information risk management research forums.
NCS works with Paladion to jointly develop, deploy, and manage security solutions for our customers. In this endeavor, NCS works with lead customer contacts to coordinate and manage activities and projects, in order to ensure a high degree of customer service and success.
For More Information
Contact us at (855) 879-2373 to learn about our security services, or request more information by submitting the form below.