IT Security Monitoring
Real-time surveillance for early detection of cyber-attacks
Early warning is the first step in a successful defense
Minimizing damage through early detection of cyber-attacks is the most important goal of IT security monitoring. Our proactive IT security monitoring collects event data from different operational levels and analyzes it in real time. Correlating data from network anomaly detection, network and web application firewall logs, and system and application monitoring metrics allows for a comprehensive evaluation of cyber-attack risk. With these analysis results, targeted measures to contain such attacks can be designed.
Correct categorization of information assets is especially important in IT monitoring. It encompasses the hierarchical placement of components according to the topology in use; the registration of system and application software, shared public services and permitted user access; and the classification of network traffic profiles. The configuration established in this step is fundamental to the ongoing monitoring of the security controls and to correlation within complex event processing.
Security Incident and Event Management
The technologies summarized under the term SIEM are based on security-relevant data held in a central repository, which is continuously supplied with data by different agents. With the help of this central database, security-relevant processes can be controlled, events correlated and, in case of an incident, a forensic analysis carried out.
Managed SIEM for Private Clouds
To successfully use SIEM, some requirements have to be met:
Integral security management requires detailed knowledge of the hosting platform, the established security controls, and the system and application software.
24/7 standby of incident managers and administrators has to be organized.
A quick risk evaluation must be conducted for every incident, and action plans have to be available.
Action plans have to be rehearsed so they can be reliably carried out in an emergency.
Why should we be your IT service provider?
As your managed hosting provider, we naturally know your e-commerce application well. Additionally, we have all the software required for SIEM ready for operation, such as monitoring of the cloud infrastructure and the tools for central storage and event analysis. We are also the first point of contact for identifying attacks, initiating defensive measures and data backups.
Other features of our IT security service are central contact persons who know your web application well, short lines of communication and important security assessment services.