Security Incident & Event Management (SIEM)
Security Incident & Event Management: Prioritize and Respond to Security Threats
Social networking, shifts to mobile and wireless networking, virtualization and cloud computing are helping create new business opportunities. But they also can create complex security landscapes, making it difficult to identify, prioritize and respond to threats.
Security incident and event management, or SIEM, from AT&T helps manage your security needs and reduce risks by gathering information from a collection of your network devices, analyzing the correlated event data and issuing alerts based on criticality.
AT&T provides security incident and event management, SIEM, through our Security Operations Center (SOC), an advanced center for identifying and resolving security issues that impact your network. The AT&T SOC has the tools to provide a correlated near real-time picture of what is occurring in your network, 24x7.
Security analysis: provide proactive protection for your network
The AT&T Security Event and Threat Analysis service provides a preventative approach to security to help identify, detect and repel attacks and intrusions before they damage your business. AT&T collects, analyzes, interprets and communicates data to you in near real-time, supporting fast response. We also look for anomalies in traffic patterns to pinpoint possible attacks in the early stages.
SIEM: Identify and resolve security issues with the AT&T SOC
The AT&T SOC makes use of industry-leading, state-of-the-art security analysis tools and an integrated data mining system developed by AT&T. This system provides an additional layer of anomaly detection algorithms that produce rich, correlated security alert information. The SOC helps protect your network against security events with 24x7x365 monitoring to help identify both active threats and precursors to network attacks. Security incident and event management enables:
- A proactive approach to security planning
- Efficient network bandwidth and staff utilization
- Enforcement of security controls and policies
When a security event or threat is detected, you are notified person-to-person, via e-mail or through a customized interface on the AT&T Security Center, according to the severity of the security event. The Security Center is available through the AT&T BusinessDirect® Portal.
Rely on AT&T expertise for event management security
AT&T has led the development of some of today's most widely used network security best practices, including:
- Security governance/policy models
- Risk management methodologies
- In-depth security design
- Threat analysis
- Multiple device security event correlation
Keeping your network secure involves much more than simply repelling the latest worms or other threats. Here are some points to consider as you evaluate your security needs:
Is your network complex, with multiple potential vulnerabilities?
AT&T has a long legacy of developing and managing security services that support a defense-in-depth architecture used to help enforce your security policies.
To mitigate security and compliance risks, it is important that your security plan encompasses your entire network. But if you have an intricate infrastructure with several possible entry points for attackers, it can be challenging to set up and maintain the proper protection.
The AT&T Security Event and Threat Analysis service provides a holistic view of your enterprise by collecting data from internal and public-facing devices. By collating this information, it can be easier to prioritize and speed critical alerts, helping provide enough time to address threats or vulnerabilities.
Do you have compliance requirements you must meet?
Keeping up with the latest mandates and making adjustments to stay in compliance can be difficult and time-consuming. As part of security incident and event management from AT&T, our experts make sure you have the proper protection in place to meet the latest compliance requirements. We can also write customized security protocols to meet your unique needs.
AT&T security experts assess your network and use the information they gather to help design a response plan and provision a security solution customized to your network and business needs.
AT&T security consultants can conduct more extensive tests, including vulnerability scans that can help identify possible security weaknesses in your network. Our consultants can also carry out compliance validations to certify that your security measures meet government and industry requirements.
An AT&T deployment team works with your IT staff to make sure the proper security devices are identified. Feeds are brought in from all your critical devices to get a complete view of your network and the servers holding your critical organizational data. The security alerts are then fine-tuned to meet your security requirements.
Organizations with complex network security needs are assigned an AT&T implementation manager who will help install the service, fine-tune your security measures and help deliver a comprehensive security solution that helps protect all areas of your business.
After deployment, the security of your network is monitored 24x7 in the AT&T Security Operations Center. When a security threat or event is detected, AT&T helps minimize the disruption by alerting your IT staff and taking steps to help rapidly control and contain the incident.
The AT&T security operations team also meets regularly with your internal security staff to discuss events and make ongoing adjustments to your response plans. A custom Executive Threat Report is distributed weekly through the portal or email.
To learn more about security incident and event management from AT&T, contact us today.