Successfully reported this slideshow.



Published on

Project Plan for think of SIEM

Published in: Technology


  1. 1. SIEM - Design and Integration Services Expertise in delivery from start to finish - that is Company to our clients, and it is what we bring to every SIEM engagement. Leveraging a phased approach, we systematically guide you through the requisite stages of solution deployment. We collaborate with each client to design a plan geared around your specific needs. Typical SIEM Project Phases appear below. Phase 1 – Assessment & Requirements Gathering In Phase 1, COMPANY will perform a detailed assessment of the client’s environment to inventory the existing security architecture and identify the basic requirements of the SIEM. These requirements provide the essential building blocks of a well-operating real- time security monitoring solution. COMPANY and the client, including team members from Information Security, IT Risk, and others to be identified, will jointly review the requirements and validate that all of the client’s needs and requirements are addressed. Work during Phase 1 – Assessment & Requirements Gathering includes the following tasks: 1. Understand the current enterprise security architecture and its critical components; determine where standards exist for ESA configuration and where consolidation is required. 2. Understand the current tools and procedures used to determine potential risk and procedures used to confirm regulatory compliance. 3. Identify the business objectives to be met by the development and implementation of a SIEM. 4. Identify the business-critical resources to be monitored by the SIEM. 5. Manage Vendor Selection and/or RFP Process Phase 2 – System Design During Phase 2, COMPANY will convert all gathered SIEM requirements to client-specific Use Cases, and author a detailed technical design of the planned SIEM deployment. Work during Phase 2 – System Design includes the following tasks: 1. Conversion of SIEM Business Requirements to Level 1 Conceptual Use Cases 2. Creation of Level 2 Technical Use Cases to support Level 1 Conceptual Use Cases 3. Creation of logical and physical SIEM architecture designs 4. Creation of SIEM integration project plan Phase 3 – Integration Services During Phase 3, COMPANY will implement an enterprise, Security Information & Event Management system in both Development and Production environments, based on the
  2. 2. approved design from above. Core SIEM Capabilities will include: A real-time, centralized correlation and monitoring system for the entirety of the • client’s network security infrastructure The ability to perform notification of and respond to harmful security events, • weighted by IT Asset Criticality The ability to share information security event data with all relevant business units • The ability to generate security event data for forensic purposes to help in • investigations. COMPANY Expertise – Business-Oriented SIEM Applications: While core SIEM capabilities are the foundation of any successful SIEM deployment, it is the application of those capabilities towards business-oriented applications that yield the highest ROI for our clients. COMPANY specializes in building SIEM solutions designed to integrate information security with business transaction data to reduce risk while also enhancing the client’s financial bottom-line. User Activity Monitoring - The ability to track privileged user access to sensitive • data Intellectual Property Monitoring / Protection – The ability to alert on potential • mis-use or distribution of client-proprietary or sensitive data Compliance Monitoring – The ability to alert on potential compliance violations by • integrating IT Asset data with real-time security monitoring Loss Prevention Monitoring – The ability to identify and alert upon potentially • fraudulent and / or money-laundering activity and intercept fraudulent trades before confirmation. Work during Phase 3 – Integration Services includes the following tasks: 1. Configure & Install Development Environment 2. Implement Level 2 Use Cases and Interface Component 3. Test and Document System Configuration 4. Roll-out SIEM from Development to Production Environment 5. Knowledge Transfer and Training Phase 4 – SIEM Co-Sourcing Services With years of experience designing and building SIEM solutions for our clients, COMPANY also offers long-term support for each solution we build. Through our SIEM Co-Sourcing Services, we provide a variety of 24x7 monitoring and management services to ensure long-term health of your SIEM Solution.