Managed Security Services
SecurView’s Managed Services enable customers to focus on their businesses while we secure their networks and systems.
We provide managed services around major security and networking vendor devices.
We combine people, processes, and technology to create a secure environment amid the complexity of modern business networks.
Our security analysts hold advanced industry certifications and have real-world security experience, helping organizations quickly detect and effectively respond to security threats.
- Network & host defense
- Reporting & advisories
- Malicious code & virus protection
- Intrusion Detection
- Vulnerability, risk, & penetration
- Data fusion, correlation, analysis, & storage
- Management of key enablers/devices
- Configuration management
- Patch Management
- Computer incident response
- Forensics & investigations
SecurityHQ is our service delivery platform that integrates operations and Managed Services in a multi-tenant environment.
- Lightweight and secured user interface
- Aggregates information from multiple sources and offers them from a unified interface
- Active Directory integration for authentication & security policies
- Inbuilt ticketing with support for incidents, changes, and requests
- Customizable workflows
- SLA monitoring and alerts
- Customizable notifications
- Provisional product catalog
- Automation for efficiency
- Serves as an “in-cloud” service-delivery platform for direct/indirect customers
- Channel partners can view/update tickets if required for their customers
- Helps the SOC team “operate” the Managed Security Services from a central location supporting multiple “Points-of-presence”
- Provides secured interfaces to customer and partner users for collaboration with the service provider
- Provides out-of-the-box features for automation, reporting, and SLA tracking
- Provides a single-pane-of-glass interface to the customer allowing them to interact with the SOC
Our SOC Security Intelligence Platform and Cisco’s next-generation ASA firewalls integrate to provide unprecedented visibility into and control over client-side applications, operating systems, virtual machines and mobile devices to meet a variety of use cases and strengthen end-to-end threat lifecycle management.
Management Center Integration
Our SOC technology leverages Cisco’s eStreamer API to collect network security and flow data from the Cisco FireSIGHT Management Center (formerly Sourcefire), including information generated by Cisco’s next-generation firewall, Cisco ASA with FirePOWER services, and by Cisco’s next-generation Intrusion Prevention System (NGIPS), Cisco FirePOWER NGIPS.
Our SOC can ingest and optimise FireSIGHT data in real-time, and correlate threat activity and known vulnerabilities with other network data to deliver advanced security analytics, extended visibility, and provide continuous monitoring for real-time threat detection and response.
Our SOC can initiate an immediate protective action, such as terminating communications with command-and-control servers or adding the malicious IPs to a Cisco firewall policy, to protect critical applications and servers from exposure.
- Real-Time Incident Response System
- Baseline of the AMP for endpoint traffic for applications, documents, IP address, whitelist, and blacklist.
- Collect the real-time events from the Firepower and AMP console through a secured channel
- Correlate events to enhance the monitoring standard and identify the possible incidents in the client’s network more accurately
- SOC team responds to the customer via email, phone, etc. for event responses and escalations
- Provide your IT Management team with specific policy level recommendations to address an immediate or impending threat
- Weekly and Monthly Security Reporting
- Quarterly Business Review
Event Storage for Forensic Analysis
24×7 Security Monitoring and Advanced Event Correlation of Customer Devices using a SIEM tool
ISO 27001, PCI-DSS, and SANS 20 Compliance Reports
The configuration of the following:
Antivirus, Antispyware, File Blocking, Anti-Spam, Anti-Phishing, Content Filtering, URL Blocking, and URL Filtering
Performance, Availability, and Threat Management
Customizable SLA Response Time
Weekly, Monthly, and Quarterly reports
Advanced Event Correlation and Real-Time Incident Response
Access to Security Knowledge Base
In-Country Log Retention
Our Services are Scalable, Compliant, Cost-effective, and 24x7x365.