SIEM Consulting

SIEM: Detect and Eliminate IT Threats in Real Time

Log information accrues not only in the classic IT environment but also in modern cloud environments. No matter which cloud service layer it comes from, this information benefits your information security.

Besides log management, the evoila consulting team supports you in connecting your cloud log and event sources. Furthermore, we implement only those security use cases that are relevant to your business and your security operations team. In this way, we extend your existing SIEM into the central instance for attack detection.

Attacks Constantly Evolve

Firewalls and malware protection are only one part of a working IT security strategy. To use its full potential and ensure comprehensive protection, three parts are necessary.

Protect

Protection by procedural and functional safeguards, like firewalls, IPS/IDS, and allow-listing of applications.

Detect

Continuous protection of your environment with behavior-based policies. SIEM-as-a-Service monitors your network and the log files of other applications to detect suspicious activities at their onset.

Respond

Our team of SOC specialists analyzes the security incident and thereby enables quick remediation of vulnerabilities. Potential threats are detected as quickly as possible thanks to 24/7 monitoring. Our platform’s automation technology and the proper knowledge help us classify potential threats, so you can focus on the essential points.

Our SIEM Solutions for You

Security Information and Event Management (SIEM) is a concept for IT security management. Its aim is to gain a comprehensive view of security across your business’s information technology.

To achieve a full overview of the state of your IT, we integrate it into our security platform. Thanks to the support of our partners’ tools, we integrate log sources from hundreds of products and log types out of the box. Therefore, the integration of systems like the ones below poses no problem:

  • Operating systems
  • EDR and NGAV
  • Routers and switches
  • Firewalls, IDS, IPS, and NGFW
  • Web servers and databases

Professional SIEM Solutions for Your Business

Security Visibility

Our consultants connect all essential infrastructure components, so you know what is going on in your network.

Risk Reduction

Reduce the risk of information security incidents through individualized security monitoring.

Compliance

We transform your compliance requirements into actionable use cases. As a result, the next audit will be no challenge for you.

Our Unique Attributes — Your Benefit

One of our unique attributes is our hybrid approach. It also allows us to connect your cloud services, like Office 365, Microsoft Azure AD, SaaS services, and identity and access management services, to our managed SIEM.

Furthermore, we are not limited to our own security solutions: we can integrate existing concepts, and our experts analyze security incidents from those sources as well. If required, we also integrate your KRITIS (critical infrastructure) components from operational technology (OT) using specialized log adapters.

Our offer is rounded off by the use of central cyber-security frameworks, like MITRE ATT&CK, which give you and our SOC analysts direct access to information from the security community. This allows us to look up and analyze the tactics and techniques used by attackers.

Individual Service and Pricing

Depending on the requirements, we offer a matching service level agreement (SLA) with our managed service in two variants:

  • 24 x 7
  • 8 x 5 with optional on-call standby

On Premise

  • Installation and deployment take place in your data center on your hardware
  • Log data never leaves your site; all processing happens on-premises
  • You can optionally subscribe to the respective licenses of our SIEM vendor

evoila ecp

  • evoila operates an Elasticsearch Stack tailored for SIEM in the evoila cloud platform
  • Scalability according to your needs
  • Transparent cost thanks to central reporting
  • Transfer of log data via secure channel (VPN)

Elastic Cloud

  • Elasticsearch provides a scalable Elastic SIEM Stack
  • Operation in Amazon AWS or Google Cloud (AZ Frankfurt possible)
  • Transparent cost per GB/day log volume
  • Transfer via HTTPS secure channel (cloud.id)

You Can Define Your Demand Within These Variants

Operation Only

Your SIEM runs in your on-premises data center; we cover operation (availability, updates, patch and change management). Log analytics and alerting remain in your hands.

Security Analytics

You run the SIEM stack on your own. We cover log and event analytics with our experienced SIEM analysts and perform incident management according to your provisions.

Fully Managed

This combines the two variants above: we run the SIEM stack for you and cover log and event analytics and incident management. No personnel expenditure—full SOC/SIEM service for you.

A weekly report on the security posture of your IT environment, including the number of incidents by priority and the measures taken, rounds off our service.

Our Certifications in Data Processing

We are especially proud of our data processing platform, which is certified according to ISO 27001 and BSI C5. Besides the so-called evoila cloud platform, our certification according to ISO 27001 is also valid for all sites of the evoila Group.

Advantages of SIEM at a Glance

The following aspects are advantages of Security Information and Event Management solutions:

  • Significantly reduced time to threat detection. This minimizes the damage incurred by attacks.
  • SIEM provides a comprehensive view on the company’s security posture. Collection and analysis of security-relevant data is eased. All data is incorporated into a central repository, where it is stored for easy access.
  • SIEM solutions are designed to process vast amounts of data. Therefore, the growth of your company is not a problem.
  • Thanks to SIEM, threats can be detected and alerts can be triggered. In case of security violations, detailed forensic analyses can be produced.

Modern IT Security Relies on SIEM Solutions

We show you how to integrate them into your company environment.
SIEM has various use cases, ranging from security monitoring to audit and compliance reports, helpdesk support, and network troubleshooting. Additionally, there are:

  • Data exfiltration
  • Command and control communication
  • Privilege escalation detection
  • Compromised user credential detection
  • Lateral movement detection

Contact us!

We’re here for you
