When delivering a SIEM solution, we understand that merely installing and connecting the equipment is not enough. Customising the solution to the customer's requirements is where most of the added value lies; it is what turns the SIEM into an effective and powerful tool in the hands of the security monitoring team. This is why our delivery pays particular attention to analysis of the infrastructure and to the design of detection and correlation rules.

Services

Deployment analysis
  • The analysis covers the following:
    • Identification of all assets which the SIEM solution will monitor, including their value, their links to other assets and the priority of their connection. Assets that are critical from a business perspective receive particular attention.
    • Assessment of how well the infrastructure can currently be monitored, with the aim of identifying the limits of security and operational monitoring, and a proposal for improving that coverage (security development strategy).
    • A plan for connecting the individual assets (log sources) according to the determined or recommended priority.
    • Definition of users and their roles: which employees should have access to the SIEM solution, in which roles, which parts of it they will see and which data they may access.
Installation of the solution
  • We deploy and install all components of the solution proposed in the Target Concept. The entire installation follows general security principles so that it meets the target requirements and minimises operational and security risk, and every installation step follows our best-practice guidelines for the respective part of the SIEM solution.
Configuration of the solution
  • This consists of the integration of assets (log sources) according to the logging architecture, and the design, implementation and testing of detection and correlation rules.
    • Integration is implemented mainly on the SIEM side of the solution, but we also assist with the configuration of the assets (log sources) themselves, for example with detailed configuration instructions or hands-on help with setup.
    • The design, implementation and testing of detection and correlation rules is carried out in connection with the Risk Analysis and combined with threat modelling. The rules are adapted as far as possible to the specific conditions of the organisation. Work on the rules does not end with implementation, however: they must be developed over time to reflect real threats and the current state of the infrastructure.
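The following is an added example of what a testable correlation rule looks like; it is not code from this page or from the described delivery. It implements one common rule (a burst of failed SSH logins followed by a successful login from the same source within a sliding window) over constructed OpenSSH-style auth log lines. The rule name, thresholds and log lines are assumptions chosen for the example, which is why the rule is written so that its threshold and window can be tuned and re-tested as the organisation's real traffic is observed.

```python
"""Added example: a testable correlation rule of the kind described above.

Rule: alert when a single source IP produces at least `threshold` failed SSH
logins within `window_seconds` and then a successful login from the same IP
(brute force followed by compromise). The log lines below are constructed
for this example and do not come from any real system.
"""
from __future__ import annotations

import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample, loosely in OpenSSH auth.log format (not real data).
SAMPLE_LOG = """\
2024-03-01T10:00:01Z srv1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51001 ssh2
2024-03-01T10:00:03Z srv1 sshd[1202]: Failed password for root from 203.0.113.7 port 51002 ssh2
2024-03-01T10:00:05Z srv1 sshd[1203]: Failed password for root from 203.0.113.7 port 51003 ssh2
2024-03-01T10:00:06Z srv1 sshd[1204]: Failed password for alice from 198.51.100.9 port 40001 ssh2
2024-03-01T10:00:08Z srv1 sshd[1205]: Failed password for root from 203.0.113.7 port 51004 ssh2
2024-03-01T10:00:11Z srv1 sshd[1206]: Accepted password for root from 203.0.113.7 port 51005 ssh2
2024-03-01T10:02:30Z srv1 sshd[1207]: Accepted publickey for alice from 198.51.100.9 port 40002 ssh2
2024-03-01T10:30:00Z srv1 sshd[1208]: Failed password for bob from 192.0.2.44 port 33001 ssh2
2024-03-01T10:45:00Z srv1 sshd[1209]: Accepted password for bob from 192.0.2.44 port 33002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)


@dataclass(frozen=True)
class Event:
    ts: datetime
    host: str
    outcome: str  # "Failed" or "Accepted"
    user: str
    src: str


@dataclass(frozen=True)
class Alert:
    src: str
    user: str
    failures: int
    ts: datetime


def parse_line(line: str) -> Event | None:
    """Parse one sshd auth line; return None for lines this rule does not cover."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return Event(ts, m["host"], m["outcome"], m["user"], m["src"])


class BruteForceThenSuccessRule:
    """Sliding-window correlation: N failures then a success from one source IP."""

    def __init__(self, threshold: int = 3, window_seconds: int = 300) -> None:
        self.threshold = threshold
        self.window = window_seconds
        self._failures: dict[str, deque[datetime]] = defaultdict(deque)

    def feed(self, ev: Event) -> Alert | None:
        q = self._failures[ev.src]
        # Drop failures older than the window, measured from the current event.
        while q and (ev.ts - q[0]).total_seconds() > self.window:
            q.popleft()
        if ev.outcome == "Failed":
            q.append(ev.ts)
            return None
        # Success: alert only if enough recent failures precede it, then reset
        # the counter so a single compromise is reported once.
        if len(q) >= self.threshold:
            alert = Alert(ev.src, ev.user, len(q), ev.ts)
            q.clear()
            return alert
        return None


def run_rule(log_text: str, threshold: int = 3, window_seconds: int = 300) -> list[Alert]:
    """Replay a log text through the rule in order and collect the alerts."""
    rule = BruteForceThenSuccessRule(threshold, window_seconds)
    alerts: list[Alert] = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        alert = rule.feed(ev)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in run_rule(SAMPLE_LOG):
        print(f"ALERT {a.ts.isoformat()} src={a.src} user={a.user} failures={a.failures}")
```

Run against the sample, the rule fires once (203.0.113.7, four failures then a success), stays silent for the single failure from 198.51.100.9, and ignores 192.0.2.44 because its one failure falls outside the five-minute window. Keeping the replay function separate from the rule is what makes the acceptance testing and later tuning described above repeatable: the same sample can be replayed after every change to the threshold or window.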
Pilot operation and documentation
  • The entire solution we deploy is tested: acceptance tests, high-availability tests and tuning of the correlation rules. Finally, documentation is drawn up describing the architecture of the solution, including addressing, integration with the infrastructure, the connected log sources and their connection methods, the detection and correlation rules that have been created, and other relevant matters.