Your SlideShare is downloading. ×
SIEM
SIEM
SIEM
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

SIEM

3,553

Published on

Project Plan for think of SIEM

Project Plan for think of SIEM

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
3,553
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. SIEM - Design and Integration Services Expertise in delivery from start to finish - that is Company to our clients, and it is what we bring to every SIEM engagement. Leveraging a phased approach, we systematically guide you through the requisite stages of solution deployment. We collaborate with each client to design a plan geared around your specific needs. Typical SIEM Project Phases appear below. Phase 1 – Assessment & Requirements Gathering In Phase 1, COMPANY will perform a detailed assessment of the client’s environment to inventory the existing security architecture and identify the basic requirements of the SIEM. These requirements provide the essential building blocks of a well-operating real- time security monitoring solution. COMPANY and the client, including team members from Information Security, IT Risk, and others to be identified, will jointly review the requirements and validate that all of the client’s needs and requirements are addressed. Work during Phase 1 – Assessment & Requirements Gathering includes the following tasks: 1. Understand the current enterprise security architecture and its critical components; determine where standards exist for ESA configuration and where consolidation is required. 2. Understand the current tools and procedures used to determine potential risk and procedures used to confirm regulatory compliance. 3. Identify the business objectives to be met by the development and implementation of a SIEM. 4. Identify the business-critical resources to be monitored by the SIEM. 5. Manage Vendor Selection and/or RFP Process Phase 2 – System Design During Phase 2, COMPANY will convert all gathered SIEM requirements to client-specific Use Cases, and author a detailed technical design of the planned SIEM deployment. Work during Phase 2 – System Design includes the following tasks: 1. Conversion of SIEM Business Requirements to Level 1 Conceptual Use Cases 2. Creation of Level 2 Technical Use Cases to support Level 1 Conceptual Use Cases 3. Creation of logical and physical SIEM architecture designs 4. Creation of SIEM integration project plan Phase 3 – Integration Services During Phase 3, COMPANY will implement an enterprise, Security Information & Event Management system in both Development and Production environments, based on the
  • 2. approved design from above. Core SIEM Capabilities will include: A real-time, centralized correlation and monitoring system for the entirety of the • client’s network security infrastructure The ability to perform notification of and respond to harmful security events, • weighted by IT Asset Criticality The ability to share information security event data with all relevant business units • The ability to generate security event data for forensic purposes to help in • investigations. COMPANY Expertise – Business-Oriented SIEM Applications: While core SIEM capabilities are the foundation of any successful SIEM deployment, it is the application of those capabilities towards business-oriented applications that yield the highest ROI for our clients. COMPANY specializes in building SIEM solutions designed to integrate information security with business transaction data to reduce risk while also enhancing the client’s financial bottom-line. User Activity Monitoring - The ability to track privileged user access to sensitive • data Intellectual Property Monitoring / Protection – The ability to alert on potential • mis-use or distribution of client-proprietary or sensitive data Compliance Monitoring – The ability to alert on potential compliance violations by • integrating IT Asset data with real-time security monitoring Loss Prevention Monitoring – The ability to identify and alert upon potentially • fraudulent and / or money-laundering activity and intercept fraudulent trades before confirmation. Work during Phase 3 – Integration Services includes the following tasks: 1. Configure & Install Development Environment 2. Implement Level 2 Use Cases and Interface Component 3. Test and Document System Configuration 4. Roll-out SIEM from Development to Production Environment 5. Knowledge Transfer and Training Phase 4 – SIEM Co-Sourcing Services With years of experience designing and building SIEM solutions for our clients, COMPANY also offers long-term support for each solution we build. Through our SIEM Co-Sourcing Services, we provide a variety of 24x7 monitoring and management services to ensure long-term health of your SIEM Solution.

×