Real-time Threat Monitoring & SIEM Service
Protection, Readiness, Intelligence
A fast-moving IT landscape poses new threats to enterprise IT systems and puts data at risk on a daily basis. Organizations need to be able to proactively identify threats, prioritize them and mitigate risks to their IT environment.
To help address these risks, Netmagic offers a 24X7, real-time threat monitoring solution that protects your IT infrastructure from cyber-threats. With a Zero Day Attack alerting mechanism, CNAM correlates information from multiple devices and applies intelligence to give better insights on threats hitting your critical networks. CNAM is offered as a SaaS offering to Netmagic customers.
The Service leverages a custom-developed correlation engine that analyses event data from all the security monitoring / management devices in the system, such as firewalls, NIDS/NIPS, HIDS/HIPS, routers, operating systems, databases, and other network assets. The advanced correlation engine has built-in intelligence that recommends the necessary steps to deal with the attack.
Since CNAM is a managed SIEM solution, it provides simple actionable alerts and eliminates the need to analyze event logs for every device separately. It provides a complete suite of Log Management, Event Correlation, and Threat Management out of a single solution.
Netmagic offers CNAM as a complete managed service powered by its 24X7 Security Operations Center (SOC) in Mumbai, India.
The SOC team is responsible for:
Monitoring and Investigating events: The support team monitors and analyzes the events generated by the Central Event Processing Facility through the dashboard. It will investigate these events with the information provided in the dashboard and take prescribed actions on the attack sources.
Attack prevention: Based on the analysis of the alerts, the support team takes pre-decided preventive measures to monitor / escalate the attack source and mitigate the threat from that source address.
Event escalation: The support team is trained to handle / resolve events generated by the engine; however, ambiguous events are escalated to the CNAM team for deeper analysis and a clearer action plan for that source address.
Business critical decisions: The support team is available 24x7 to receive feedback on any urgent / escalated events and take necessary action based on the criticality of the events.