Security Information and Event Management (SIEM)

A SIEM system produces an operational view of information security status, enhancing log management and combining it with security event monitoring to enable centralized reporting.

SIEM systems automate the continuous reporting required by several standards. In addition, the systems are capable of raising alarms based on logged information, IDS detections and vulnerability lists.


The number of SIEM systems available is considerable, and progress in the field is rapid. Selecting a suitable and reasonably priced product can in itself be a challenge. Merely purchasing a device is not a solution either: proper configuration of the system and its various log sources and refinement of log management processes are both essential for achieving compliance with set requirements.

SIEM and Nixu

 
Compliance

A SIEM system recognizes usage inconsistencies and is capable of event correlation. Various external requirements necessitate effective log management, but rarely a SIEM.

Nixu assists in:
  • Planning and specification for solution selection
  • Configuration to meet requirements
  • Integration with critical systems to extract the best benefit
  • Creating a process for reacting to security events
We use the following products in our projects:
  • HP/ArcSight
  • IBM/Q1 Labs QRadar / Juniper STRM
  • McAfee/NitroSecurity
  • Novell/NetIQ Sentinel
  • RSA enVision/Security Analytics
  • LogRhythm
  • Symantec SIM
  • AlienVault/OSSIM
  • Splunk
  • LogLogic

 
