Security Monitoring Service

Real-Time, 24x7 Security Event & Log Monitoring, Analysis and Response

Protecting your enterprise from cyber-threats requires constant vigilance over your security infrastructure and critical information assets. In addition to protecting your organization from attacks, many industry regulations require organizations to monitor their security environment, server logs and other information assets to ensure the integrity of these systems. However, conducting effective security monitoring can be a daunting task as it requires advanced technology, skilled security experts and scalable processes.

SecureWorks' Security Monitoring Service provides your enterprise with real-time, 24x7 monitoring and response across your security infrastructure and critical information assets. Our Security Monitoring Service delivers:

  • An enhanced security posture
  • Compliance with regulatory requirements
  • A holistic view of your enterprise's security activity
  • A dedicated team of security experts

Service Overview

SecureWorks' Security Monitoring Service delivers real-time monitoring and analysis across virtually any security technology or critical information asset such as firewalls, network intrusion prevention and detection systems and servers. Our Security Monitoring Service will improve the effectiveness of your security infrastructure by actively analyzing the logs and alerts from these devices in real-time, 24x7. Our advanced technology platform correlates information from across security devices to provide our Security Analysts with the context they need to virtually eliminate false positives and respond to true threats against your enterprise. Our Security Monitoring Service will also help you comply with industry regulations by automating the collection and reporting of specific events of interest, such as failed or successful logins and any other events necessary for compliance.

Delivering Business Value

Protection Against Internal and External Threats

SecureWorks' Security Monitoring Service provides 24x7x365 vigilance over the security activity occurring in your enterprise. Alerts and logs are carefully analyzed by our team of security experts to detect any signs of malicious activity. This ensures that both insider threats, such as unauthorized activity, and external threats, such as zero-day exploits, are identified and thwarted before damage is done.

Real-Time Log Monitoring Enables Compliance

Regulations and industry guidelines, such as GLBA, SOX, FFIEC and HIPAA, require log monitoring of critical servers to ensure the integrity of your confidential data. SecureWorks' Security Monitoring Service automates this time-consuming process. Our advanced technology platform analyzes your server logs in real-time to identify and alert you to compliance-specific events. Using the SecureWorks Portal, you can generate and digitally sign consolidated reports containing all the activity from across your critical servers, enabling you to easily demonstrate compliance.

Demonstrating Provable Security to Management and Auditors

The SecureWorks Portal is the industry's leading client interface and provides you with real-time, enterprise-wide reporting. The Portal provides your team with on-demand access to management and technical level reports that can be used to view the security activity in your environment and measure the effectiveness of your security program.

Fully Integrated and Interchangeable Suite of Services Customized to Your Requirements

SecureWorks' Security Services (Management, Monitoring and Self-Service) are fully integrated and interchangeable to provide you with the most effective Managed Security Services, tailored to your enterprise's requirements. This enables SecureWorks to meet your security needs whether you require full management, co-management or prefer to maintain in-house management of your security environment.

The SecureWorks Difference

Superior Context by Integrating with Virtually Any Security Device or Critical Information Asset

Context is core to an effective security monitoring strategy. SecureWorks' Security Monitoring Service aggregates events and logs from virtually any security device and critical information asset regardless of vendor. Our Monitoring Service spans firewalls, network and host intrusion prevention systems, intrusion detection systems, servers, routers and any other device that should be monitored for security or compliance purposes. This industry-leading flexibility enables SecureWorks to gain the greatest context and deliver the most effective security monitoring across your current and future technology environment.

Identification of Known and Unknown Threats in Real-Time

SecureWorks is the only vendor capable of identifying known and unknown threats in real-time. All alerts and logs are processed through a series of filters. The platform's positive filter identifies known malicious activity, the negative filter identifies known harmless traffic and the anomaly filter identifies previously unknown activity. All known malicious and unknown activity is immediately transmitted back to one of our Secure Operations Centers for analysis and response. These powerful filters enable our expert Security Analysts to protect your enterprise against known malicious activity, as well as zero-day threats. Additionally, all security events of interest are correlated with the underlying criticality rating of the targeted asset. This results in accurate prioritization and enables faster response to threats targeting your most critical assets.

Security Monitoring Tailored to Your Specific Requirements

SecureWorks' Security Monitoring Service is tailored to your unique environment and monitoring requirements. Our Sherlock Security Platform can be customized to identify specific events of interest to your enterprise whether they are for compliance or security reasons. Additionally, we can customize our escalation procedures to your current processes, whether they are specific to a group of assets, such as firewalls, or to individual devices. These procedures can be changed in real-time as needed.

Industry-Leading Internal and External Threat Visibility

SecureWorks leverages the visibility we gain from monitoring devices across more than 2,000 clients located throughout the world to deliver proactive protection. Our global visibility enables our research team to identify emerging threats as they arise and establish countermeasures to keep your critical information assets secured. One such countermeasure is SecureWorks' proprietary Attacker Database, which is continuously updated to blacklist known malicious IP addresses based on the activity we collect across our client base. Our Security Monitoring Service leverages this Database to identify and respond to any connections from these IP addresses to your enterprise. This provides an additional proactive layer of protection against known and unknown threats.

Unlimited Remediation Assistance and Security Consultation With Our Certified Team of Security Experts

As part of our Security Monitoring Service, your enterprise will receive unlimited remediation assistance and security consultation with our 100% certified team of security experts. All members of our team hold SANS' GIAC GCIA certification, as well as other security and vendor accreditations. In addition, our Security Analysts bring many years of security experience to help our clients address their most complex issues. When an incident is identified, this team will take the necessary steps to mitigate the threat before damage is done, including making configuration changes on managed devices or simply working hand-in-hand with your team until the issue is resolved. Additionally, your enterprise can leverage this team's unique insight gained from helping more than 2,000 clients to discuss any security issue you may be facing.

Real-Time Security and Service Delivery Reporting

The SecureWorks Portal is the industry's leading client interface and provides your enterprise with real-time security and service delivery visibility. Using our secure, web-based Portal, your team can generate a variety of pre-built and custom reports including trending and comparative analyses, summary views and detailed lists. These can be viewed on-demand through the Portal or they can be scheduled and emailed to your team. The SecureWorks Security Management Platform correlates all security activity collected to your underlying assets and their associated criticality ratings. This provides you with an accurate view of your risk level across your critical information assets, as well as a prioritized list of the actions you can take to reduce this risk level. Additionally, the Portal will provide you with a real-time view into events occurring in your environment and the actions our Security Analysts are taking against them. This enables transparent service delivery where you can see the value we are delivering every second of every day.

Fully Synchronous Security Operations Centers Staffed With Certified Security Experts 24x7x365

SecureWorks monitors your environment from our three fully synchronous Security Operations Centers. These Centers are operational 24x7 and are designed to seamlessly fail over in case of emergency. Our SOCs are staffed with our 100% certified team of expert Security Analysts who utilize our advanced technology platform and the deep experience they have to analyze your security events for malicious activity. SecureWorks' non-tiered staffing model ensures that only true security experts will be analyzing your security event activity and addressing any issue you may be facing 24x7x365.
