Just as attackers constantly change their approach, detection mechanisms need to be continuously tuned. Covering every attack vector is not a viable option for most companies, which is why it is all the more important to tailor the defence to the specific threats an organisation faces. We offer support in identifying your own threats and then implement the required detections directly.
We have particular expertise in log management and offer the following services in this area:
- Developing conceptual designs for single- and multi-site clustered log management environments.
- Building, maintaining and upgrading single- and multi-site clustered log management infrastructures.
- Standardised log collection from a variety of sources and transformation into a unified event format.
- Implementation of our own apps, as well as Splunk Apps, within your existing environment.
- Development of relevant security alerts, reports and new dashboards based on use cases for your IT security team.