SIEM: Detect and eliminate IT threats in real time
Log information accrues not only in the classic IT environment. In modern cloud environments too, no matter on which cloud service layer, this information benefits your information security.
Besides log management, the evoila consulting team supports you when connecting your cloud log and event sources. Furthermore, we implement only those security use cases that are relevant to your business and your security operations team. In this way, we extend your existing SIEM as the central instance for attack detection.
Attacks constantly evolve
Firewalls and malware protection are only one part of a working IT security strategy. To use the full potential and ensure comprehensive protection, three parts are necessary.
Our SIEM solutions for you
Security Information and Event Management (SIEM) is a concept for IT security management. Its aim is to gain a comprehensive view of the security of your business's information technology.
To achieve a full overview of the state of your IT, we integrate it into our security platform. We integrate log sources of hundreds of products and log types out of the box by supporting our partners’ tools. Therefore, the integration of systems like the ones below poses no problem:
Professional SIEM solutions for your business
Our unique attributes—your benefit
One of our unique attributes is our hybrid approach. It also allows you to connect your cloud services, such as Office 365, Microsoft Azure AD, SaaS services, and identity and access management services, to our managed SIEM.
Furthermore, we are not limited to our own security solutions: we can integrate existing concepts and have our experts analyze security incidents from there. If required, we also integrate your KRITIS (critical infrastructure) components from operational technology (OT) using specialized log adapters.
Our offer is rounded off by the use of central cyber-security frameworks, like MITRE ATT&CK, which give you and our SOC analysts direct access to information from the security community. This makes it possible to access and analyze the tactics and techniques used by attackers.
Individual service and pricing
Depending on the requirements, we offer a matching service level agreement (SLA) with our managed service in two variants:
- 24 x 7
- 8 x 5 with optional on-call standby
At evoila, you can choose from the following three variants for SIEM operation:
- Installation and deployment take place in your data center on your hardware
- Log data will never leave your site, computing on-premises
- You can optionally subscribe to the respective licenses from our SIEM vendor
- evoila operates an Elasticsearch Stack tailored for SIEM in the evoila cloud platform
- Scalability according to your needs
- Transparent cost thanks to central reporting
- Transfer of log data via secure channel (VPN)
- Elasticsearch provides a scalable Elastic SIEM Stack
- Operation in Amazon AWS or Google Cloud (AZ Frankfurt possible)
- Transparent cost per GB/day log volume
- Transfer via HTTPS secure channel (cloud.id)
You can define your demand within these variants.
A weekly report on the security posture of your IT environment, including the number of incidents by priority and the measures taken, rounds off our service.
Our Certifications in data processing
We are especially proud of our data processing platform, which is certified according to ISO 27001 and BSI C5. Besides the so-called evoila cloud platform, our certification according to ISO 27001 is also valid for all sites of the evoila Group.
Advantages of SIEM at a glance
The following aspects are advantages of Security Information and Event Management solutions: