SIEM & LogManagement


zerO'clock provides a range of services (such as custom collector implementation) for the most popular SIEM (Security Information & Event Management) and LogManagement platforms.

Collecting the events generated by the different event sources in an IT infrastructure or by business assets (network devices, operating systems, access control systems, applications, etc.) is really important because these events, if properly interpreted, make it possible to identify security issues and any lack of compliance with corporate policies. Abnormal behaviors, once identified, may also indicate that some IT components and/or assets have been compromised.

 

To obtain a comprehensive interpretation of the security status (what is happening or what could happen) and to respond rapidly to security incidents, it is essential to be able to correlate the events collected from multiple sources in real time (real-time monitoring).

 

We provide the following services for the most popular SIEM (Security Information & Event Management) and LogManagement platforms, such as Novell Sentinel, RSA enVision, ArcSight, IBM TSiem, etc.:

  • Design and Installation
  • Platform Assessment
  • Custom collectors/connectors development
  • Implementation of correlation rules
  • ...