ThetaPoint’s Security Operations Center (SOC) Value Assessment services leverages our expertise in security administration, monitoring, incident response, architecture and operations centers. Leveraging the ThetaPoint Security Reference Architecture, we begin by assessing an organization’s compliance with industry best practices for SOC maturity and identify and address those gaps against the desired state of compliance. Utilizing a metric based approach, we help define the difference between incremental and transformational change.
Many SIEM and Log Management companies provide default content that attempts to address various IT security concerns. The fact is that default content tends to be highly ineffective and needs to be tuned to get value. In addition, new / customized content needs to be created to completely address an organizations IT security concerns and business problems. ...LEARN MORE
Technology is one aspect of an effective IT security or incident response program, not a magic elixir that will cure all that ails them. Organizations must also have business goals, a strategy on how to use the technology, and defined processes and procedures to support operations to be successful. ...LEARN MORE
As ArcSight customers expand their security focus from perimeter defense to insider threats and compliance, the first device they typically look at is Microsoft Windows. Microsoft Windows Servers provide a critical capability in most environments by managing their users, files, and systems. However, if you spend any time with the Windows Security Log you know that it’s an undocumented mess full of inconsistencies, noise, false positives and cryptic codes. This makes implementing content difficult and problematic unless an organization maintains a staff with exceptional Windows and ArcSight expertise. ...LEARN MORE