- Protecting customer values and safeguarding their business against costly incidents.
- We record and visualise breaches of security of information and communication systems.
- We facilitate the investigation and documentation of security incidents.
- We provide online evaluation of millions of items of information that affect information security.
- We adhere to international corporate standards and also support ITIL.
The TRCZ Company recognises the importance of information security. It prefers a systematic approach to one-off measures, which is why it chose us to implement complete security monitoring (i.e. SIEM).
DESCRIPTION OF THE INITIAL SITUATION
The TRCZ Company adheres to its in-house security standards. For this reason it needed to obtain an overview of the operation and the security of its information and communication systems. It required an instrument that, in the event of a security incident, would provide the resources needed to examine the incident conclusively.
IT STARTED WITH A FREE TRIAL
In the initial stage, we offered TRCZ free testing of the SIEM technology to enable them to compare it with the other available solutions. Also important was the initial analysis, during which we planned how the operational and security logs would be collected and evaluated. The actual implementation followed the implementation project, of which we are the expert authors.
THE RESULTS OF OUR WORK
- Documentation of the analysis and also of the implementation project.
- The introduction of a tool that merges thousands of hard-to-read system messages into a few clear and comprehensible security incident reports.
- We recognise harmful behaviour. By monitoring the transmitted data streams, the solution can detect transmission protocols down to the level of application traffic.
- Activated system intelligence for detecting recent global threats (e.g. identified sources of malware, spam, DoS, botnets on the Internet).
- Comprehensible, non-manipulable reports for management that enable measures for increasing both work efficiency and the security of the company.
- We provide support for the solution through the SLA that respects the ITIL recommendations.
WHAT THE CUSTOMER ESPECIALLY APPRECIATED
- A tool supporting the fulfilment of corporate standards.
We have designed and delivered a complete security monitoring solution that is consistent with the security concept of the global corporation.
This solution also enables events to be supplemented with data from the identity system.
- Online monitoring of security incidents and the manner of using information and communication systems.
The solution collects and analyses log files and streams from all major ICT systems. The administrator is instantly alerted to any significant operational or security events.
- No need to be a technical expert.
The outputs are comprehensible both to the administrator and the management, while the solution includes a user-friendly graphic web interface that provides easy viewing of the IT features monitored.
- Instant graphic outputs in the form of correlated events and information about identity.
These enable the analysis of the transmitted data streams in the application layer and the recognition and the evaluation of the application protocols.
- Regular reporting constitutes an important aspect of the solution.
Only with regular reporting is it possible to check operational efficiency and to maintain security at the required level over the long term.