In these days, systems enable automatic monitoring of suspicious activities in the network and thus can signalise potential danger without admin´s intervention. Manual network monitoring does not necessarily need to evaluate network activity properly, which can lead to threat or overloading. The SIEM system automatically evaluates individual accesses to the network and trials for intervention while comparing also apparently not unrelated actions which could remain unnoticed also by an experts. Thus, it can identify possible danger on various parts of the network and let us company know about them – the fee you pay also includes a specialists for safety and process security as well. As a SIEM system, we use AccelOps. Its collectors are installed directly on devices of your network and they are connected to monitoring systems in our company through the remote access. This solution prevents information leakage from the company as well as unnecessary internet connection overloading.
The meaning of the SIEM is Security Incident and Event Management. In other words, active collection and comparison of data from various types of devices and servers followed by launching of respective procedures.
After deploying, it is needed to maintan systems in the network in a perfect state, especially in regards to updates. From time to time, a security gap may be found, the so called backdoor, thanks to which attackers could get Access to your network and the data, which may lead to catastrophic consequences. With hundreds of devices in the network, it is challenging to monitor all potential dangers. Our company can help you by deploying the Nessus system for detecting the gaps, which will be implemented on your premises. The system actively monitors all important devices and through remote Access, it informs our company on possible risks. Our CSIRT team then evaluates all risks and according to this evaluation, we can inform you on how to secure your network and how to delete the gaps (e.g. by operation system update or installing firewall actualisation).
CSIRT team means Computer Security Response Team – security specialists who evaluate all information on incidents in your network and always provide you with professional point of view for individual issues.