SIEM: SECURITY INFORMATION & EVENT MANAGEMENT
Security Monitoring & Security Logging
Security Information Event Management
Questions you might have:
– What products do I need to combine/buy/implement for security logging and security monitoring?
– Where can I find skilled engineers with experience in implementing Security management / Logging systems?
– What logging procedures do I need to be compliant with local laws?
BSM Better Security Management is a Dutch company with 15 years of experience. We implemented one of the first SIEM systems in Amsterdam at a local bank in 2007, and since then building logging and monitoring systems has been part of our daily business. One of our recent projects was with Vodafone/Dynagroup in 2014-2017.
We do not sell these products, but we help you select the best product, preventing you from spending more than needed, and we help you implement and coordinate these SIEM systems.
The products and solutions we have worked with are:
– Dragon ® DSCC from Enterasys (self learning)
– Elastic / ELK Stack (the AI/self-learning part is included in the commercial version of Elastic)
– Nagios Logserver, Nagios Network analyser, Nagios Core
– Zabbix event logging systems
– Graylog open-source/paid log system
Types of data we have worked with are: syslog, Sflow, Jflow, Nflow, SNMP, log files of IIS, Apache, antivirus vendors, Cisco ASA, Juniper, Windows and Linux OS logs, application (error) logs, etc.
Many other logging systems have similar functions, and the information needs and compliance needs are equal for any company in a specific country.
Some advantages of a well implemented SIEM system:
1. Comply with IT requirements such as transparency, measurability and accountability;
2. Clear overview of all security activities in one central dashboard;
3. You will receive automated, comprehensive management reports from the multitude of security data;
4. Connections possible between all different types of ICT systems;
5. Deviations are detected (automatically) by a combination of real-time and historical insight into network and application traffic;
6. Proactive notification of current threats and forecasts regarding future threats by using real-time and historical data;
7. Automatic routing of warnings to persons or departments;
8. Central secure storage for log data; 4 eyes
9. Management will be enabled with insight into IT performance and security;
10. In case of a supposed data breach you are able to prove the (non-)existence of a hack and do a good impact assessment.
Industrial espionage through digital roads is increasing, both from within and from outside companies. A SIEM system will keep a close eye out for you, day and night, and will give you clear reports of possible threats.
Please contact us for more information on our availability, pricing and services related to security logging and security monitoring.