Find & Fix
Continuous monitoring finds vulnerabilities fast, before hackers can attack
NetDefend® Manager delivers deep insight into your security and compliance posture without the expense and complexity of doing this in-house
Security Incident and Event Management (SIEM) managed service provides event collection, advanced event analytics and correlation real-time alerting, reporting, daily log reviews and prioritized security analysis. Ideal for customers wanting a holistic view of their security with improved event response and those wanting to manage their industry compliance requirements.
NetDefend Manager provides automated incident alerting, incident reporting, daily log reviews, log analysis and customized escalation procedures. The platform is driven by an enterprise-class, cloud-based SIEM engine that consumes log and event data via remote collectors. The managed services SIEM platform is operated from a Security Operations Center (SOC) that is staffed by certified security analysts. Customer support to the SOC is available 24/7 via phone, email, or web ticketing.
NetDefend Manager provides users an easy-to-use web interface with dozens of dashboard elements, reports, and rapid search capabilities. Netelligent provides on-board training and assistance with utilizing the SIEM platform. While this is a powerful tool, expert knowledge of how to use a SIEM platform is not necessary to get the value from this service.
Netelligent configures the SIEM rules engine and tunes the service to fit your environment, captures incidents, and determines which incidents are most important that require attention. Critical and important alerts are sent via e-mail and all other interesting data is available via reporting and also via the web portal. A dashboard on the web portal provides a quick view of your security posture and important risks and threats.
How it works
Client infrastructure log and event data is collected by a local log data collection appliance (virtual or physical) and then forwarded via a secure encrypted transit to the NetDefend Manager Security and Incident Management (SIEM) platform. The NetDefend Manager platform is an advanced analytics and correlation engine. Paired with innovative security rules and a threat intelligence database, NetDefend Manager determines which events represent a security or compliance-related incident. The SIEM engine essentially distills millions of events down to a manageable level of actionable alerts.
Events from client systems are funneled through the NetDefend Manager rules engine to create incidents that are then enhanced with meaningful data and assigned a severity level. Based upon the severity level, incidents may result in a ticket and client notification. All incidents, regardless of severity level, are captured and available for review in the NetDefend monitoring portal via dashboard widgets, searches, and reports.
Detect and Defend
You can’t afford to not protect your business and its assets. Let defense become your best offense with reinvented managed security services.