Trustwave managed SIEM



Published in: Technology

  1. Managed SIEM

     For organizations seeking log management solutions to fulfill compliance requirements

     Trustwave’s Managed Security Information and Event Management (SIEM) solution takes the guesswork and time constraints out of log management, offering organizations three tiers of service options for log monitoring and threat management.

     The Challenge of Log Monitoring

     Monitoring system logs for security events may seem a simple matter of collecting, reviewing and archiving data logs. However, organizations attempting to monitor logs on their own in accordance with requirement 10 of the Payment Card Industry Data Security Standard (PCI DSS) may be overwhelmed by frequent regulation changes, or the increasing number of operation-critical tasks requiring real-time notification of abnormal events. Your organization may require a more comprehensive service solution to become compliant, and Trustwave can help. A provider of log monitoring and analysis since 2001, Trustwave understands these changing needs and has developed security event and log management services that can be matched to your organization’s needs.

     Efficient Analysis, Multiple Solutions

     The Trustwave Managed SIEM solution is available in three tiers:

     Self-Service – This affordable option is ideal for the client looking to conduct their own daily review and analysis of logs, but who wants a third party to take on the burden of building and maintaining the infrastructure, managing correlation, and building normalizations. This service is delivered through Trustwave’s secure, Web-based Managed Security Portal.

     Daily Analysis – Clients who want assistance reviewing and analyzing daily logs may choose to select Daily Analysis, which eliminates the need for the customer to conduct these tasks; instead, experts at Trustwave’s Security Operations Center (SOC) will review the logs once daily and post any relevant information and analysis to the Managed Security Portal.

     Real-Time Analysis – For clients desiring a high level of security and full service, Trustwave offers a Real-Time option which, in addition to all the services available with the other options, provides real-time log monitoring and real-time alerts.

     The Trustwave solution consists of the following services by option:

     Options: Self-Service, Daily Analysis, Real-Time Analysis

     Services:
       • Real-time Event Analysis
       • Daily Review and Analysis
       • 24x7 Telephone Support
       • 24x7 E-mail/IM Support
       • Automated Alerts
       • Customized Alerts
       • Online Reporting Portal
       • Daily and Monthly Reports
       • 1 Year Offline Archive
       • PCI Logging Guides

     About Trustwave ®

     Trustwave is a leading provider of information security and compliance management solutions to large and small businesses throughout the world. Trustwave analyzes, protects and validates an organization’s data management infrastructure—from the network to the application layer—to ensure the protection of information and compliance with industry standards and regulations such as the PCI DSS and ISO 27002, among others. Financial institutions, large and small retailers, global electronic exchanges, educational institutions, business service firms and government agencies rely on Trustwave. The company’s solutions include on-demand compliance management, managed security services, digital certificates and 24x7 multilingual support. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, the Middle East, Africa, Asia and Australia.

     For more information about Trustwave’s Elements of Compliance and Data Security please visit:

     ISSUE 70 W. Madison Street, Suite 1050, Chicago, IL 60602 : 10 SIEM5610 1.888.878.7817
  2. Service Details

     Real-time Analysis: Trustwave’s Network Security Engineers will manually review and respond to security alerts, as they happen, 24x7, following the customer’s own Incident Response and Escalation Policy.

     Daily Review and Analysis: Review and analysis of your logs by Trustwave’s experienced Security Operations Center (SOC) will occur daily, meeting requirement 10.6 of the PCI DSS.

     24x7 Telephone and E-Mail/IM Support: Clients have unlimited access to Trustwave’s SOC for questions about escalated events, requests for up/down scoring and other concerns.

     Automated Alerts: Clients may choose from one or more auto-notification templates.

     Customized Alerts: Trustwave will tailor automated alerts specific to the needs of the client, building custom business logic.

     Online Reporting Portal: A secure Web portal offering 24x7 access to dynamic reports and flexible query tools to help identify and prioritize security-related events.

     [Figure: Trustwave Real-time Analysis]

     One Year Event Archives: Security event data is stored at Trustwave’s SOC for a minimum of one year for reporting and forensic purposes.

     Daily and Monthly Reports: These reports break down a customer’s event data, tying events back to the specific PCI DSS requirements, highlighting critical issues and quiet data sources, and providing aggregate trend analysis.

     PCI Logging Guides: Trustwave Quality Security Assessors (QSAs) developed guidelines to help organizations properly configure audit and logging settings to generate the right logs for compliance with PCI DSS requirement 10.

     Far-reaching Application Support

     Point-of-Sale (POS) devices and e-commerce payment applications provide varied and cryptic logs, resulting in security events that are difficult to identify and understand. With years of experience working with payment application and POS vendors on PA-DSS audits, Trustwave supports a wide range of system logs not recognized by many logging systems, and consistently and accurately identifies and reports important and PCI-relevant security events.

     Customized Service Package

     The Managed SIEM service tiers can be mixed and matched to different groups of assets according to your specific needs. For example, a retailer may wish to select the Daily Analysis option to meet the PCI DSS requirements of their retail location environment, for POS devices, routers and store servers. That same customer may decide that the daily analysis option isn’t enough for their domain controllers and database servers, in which case Real-Time Analysis services can be selected for those critical assets. The tiered Trustwave solution allows you to customize the best service package for your network assets of all values.

     Stress-free Compliance with PCI DSS Requirement 10

     PCI DSS requirement 10 details a number of stringent conditions for tracking and monitoring all access to network resources and cardholder data. Implementing controls to collect and manage system activity logs in order to meet this requirement can over-extend any organization’s resources. Most organizations often find themselves lacking the people, technical skills and required infrastructure to properly manage and monitor the diverse set of system logs. Trustwave’s solution takes the stress out of log management and monitoring duties, and frees up IT staff to instead focus on remediating security threats.