Operations & Maintenance

Most organizations find it difficult to identify and retain qualified IT security resources. The types of individuals required to run a Security Operations Center (SOC) just don’t exist in some cases.  Most research studies will tell the same story, there are not enough qualified personnel available to meet today’s cyber security needs.  Many times organizations find themselves in bidding wars for these talents and that is assuming they can find the correct qualifications for their business.

Companies are becoming increasingly aware of the threat landscape and the true risks of cyber incidents all the way up to the board level.  Unfortunately, organizations lack the experts they need to truly utilize the tools at their disposal.

To address this problem for organizations, ThetaPoint provides a managed Operations & Maintenance (O&M) service to eliminate the resource gap that exists in organizations today.  The ThetaPoint O&M service delivers global 7x24 management and monitoring of your SIEM/Log Management platform in a secure co-sourced model.

The managed service offering is composed of three critical components; regular maintenance, global monitoring and premium support.

Regular Maintenance

ThetaPoint’s O&M service proactively maintains and updates your SIEM/Log Management Platform.  Proper maintenance is important to insure new features are installed, removes outdated features, updates drivers, delivers bug fixes and most importantly, plugs security holes that have been identified. Software manufacturers overwhelm organizations with patches, hot-fixes and other updates to meet the above needs.  Resources are not confident on what patches/updates need to be applied and why.  ThetaPoint eliminates this guesswork and handles the tasks for you.  We will validate the need for an update, what business/technical benefits are achieved with the update and what is required to do so.  In addition, we will only apply the patches/updates that are relevant to you and your business.  Eliminate the risk of going through an expensive change process for a non-value add update with ThetaPoint’s O&M service for regular maintenance.

7x24 Monitoring Services

SIEM platforms are relied on to ensure compliance, identify security incidents and provide insight into security events across disparate systems.  Therefore, it is paramount that your SIEM platform is operating optimally at all times.  ThetaPoint’s O&M service monitors your SIEM 7 days a week, 24 hours a day for the following issues:

  • Availability
  • Performance / Resource Utilization
  • Capacity
  • Fatal and Warning Errors
  • Parsing Issues
  • Constant Event Delivery
  • License Compliance

Premium Support

Over the past 5 years we have witnessed a variety of mergers and acquisitions in the SIEM/Log Management marketspace.  Unfortunately, a byproduct of these acquisitions has been a drain of talent from the acquired firm as the company is slowly integrated into the acquiring firm’s culture and processes. This has had a profound impact on customer experience and support for those that leverage the newly acquired technology.  Long wait times, calls that go unanswered, disconnected support sites all lead to increased Mean Time to Resolutions for customers and downright anger and frustration working with the new support organization.

ThetaPoint understands this frustration and provides our clients a truly unique experience. With the ThetaPoint O&M service, we become an extension of your team and will work directly with the manufacturer on your behalf so you don’t have to.  If you have a question and don’t want to waste time scrolling through knowledge bases, our experts can answer it quickly.  If you have a P1 ticket that seems to be in support limbo, leave it to ThetaPoint.  Start spending your time managing your business risk while we manage your SIEM!

Touch Free Services

Touch Free Services is an optional addition to the O&M Service Offering. Touch Free hours are primarily used for break / fix situations that are discovered during monitoring. However, the time may be used for any ThetaPoint service offering.  Many of our clients utilize this time to conduct quarterly use case/business case reviews and make necessary content/application changes to stay abreast of today’s modern threat landscape.

Platforms Supported

ThetaPoint currently offers Operations & Maintenance service for the following SIEM Platforms:

  • HP ArcSight
  • Splunk Enterprise

Next Steps

For more information on this or other ThetaPoint Service Offerings, please contact us.