Log Management & SIEM

A Security Information and Event Management (SIEM) system gives you broader visibility into security events. That visibility not only allows early detection of an attack but also helps answer the who, what, when, where, and how of an attack. It is gained through the collection, analysis, and correlation of log events from your network, host, and security devices.

ECQ delivers SIEM as a service via its powerful cloud-based platform to help you reduce the cost and complexity of having to manage your own log management, sensors, and analyzers.

  • Asset Discovery

  • Vulnerability Management

  • Security Events Correlation

  • Intrusion Detection

  • Monitoring

SIEM at a glance

  • Active/Passive network scanning

  • Asset inventory

  • Host-based software inventory

  • On-demand vulnerability assessment (Authenticated and Unauthenticated)

  • Over 40,000 vulnerability checks

  • Regularly updated threat database (every 12 hours)

  • Network-based Intrusion Detection System

  • Host-based Intrusion Detection System

  • Behavior-based Intrusion Detection System

  • File integrity monitoring

  • Log collection

  • Netflow analysis

  • Service availability

  • Security Information and Event Correlation

  • Incident response

Monitoring & Reporting

The monitoring of events will be the core service provided to you by ECQ Consultants. The ECQ Security Operations Center (SOC) provides 24 x 7 x 365 continuous monitoring of your critical information assets. ECQ Consultants will monitor, analyze, and respond to the events collected by our SIEM. The security monitoring service includes the following features:

  • Automated, real-time collection of events from your network and enterprise

  • Event aggregation and correlation with expert tuning to remove false positives

  • 24 x 7 monitoring of your network and enterprise by ECQ

  • Expert security analysis by GIAC certified Security Analysts and Consultants

  • Proper escalation according to established procedures when a significant event occurs
