Security Intelligence & Risk Management
Securing a company’s environment usually requires various solutions
They come in place at different layers of the infrastructure: gateway, datacenter, endpoint, servers…
SIEM (Security Information and Event Management) solutions consolidate the relevant information from all these disparate levels and layers, analyze and correlate these events, and provide your enterprise with a clear centralized view of your security status, prioritized by asset, criticality, impact, risk level, department, and location. And all this information can be summarized by using advanced dashboards and reports that can be customized and even restricted to a specific user role.
This gives you a better understanding of your security status, and allows you to take action when it matters, and where it matters.
A single layer can be protected at different levels
Gateways can be protected by a firewall, IPS, web filtering or mail filtering
Endpoints are nearly always protected by Anti-Virus / Anti-Spyware. But we often see Host-based IPS or even Network Access Control implemented
Servers also require an Anti-Virus, but are also often under the scrutiny of advanced monitoring solutions
