How and why rapid threat detection is needed

by Tech-IT. As a general matter, most companies currently have what was needed ten years ago to provide a good level of security: solutions such as an antivirus, a firewall and a mail relay. These security controls remain important today, but for years now the information security field has been forced to shift from a prevention mentality to a focus on rapid detection, and in this area many companies remain unequipped. Without a detection capacity, how can a company react efficiently to a threat jeopardizing the business?

Implementing a good security monitoring capacity requires putting together different solutions. Combined, they probably form a complex architecture, and with complexity comes the risk of misconfigurations or issues that create gaps between the expected and actual levels of security, in addition to the extra time required to maintain the whole architecture.

The solution offered by Tech-IT, which covers a coherent set of functionalities that need to collaborate, is an effective response to this problem. A unified approach makes it easier to maintain security controls and can automatically correlate pieces of information coming from different ones, such as linking an attack detected by a network intrusion detection sensor with a known vulnerability on the target server. The key characteristics of the service offered by Tech-IT are that it takes advantage of all embedded functionalities to provide a state-of-the-art security level while keeping simplicity and control at the core of the solution.

This unified solution allows all companies to take a huge step forward in their security detection capacities quickly and efficiently. The solution, based on the AlienVault Unified Security Management appliance, provides from day 1 the monitoring controls that any modern security infrastructure should have:

- Vulnerability Scanning: Know where vulnerabilities exist to avoid exploitation and compromise

- Behavioral Monitoring: Identify suspicious behavior and potentially compromised systems

- Network and Host-based Intrusion Detection: Know when suspicious activities happen in your environment

- Asset Discovery: Know who and what is connected to your environment at all times

- SIEM and Log Management: Correlate and analyze security event data from across your network

This solution benefits from the detection rules, correlation rules, and IoCs (Indicators of Compromise) provided by AlienVault Labs and by the 50,000 participants of the OTX community. Based on this reactive threat intelligence and great product functionalities, Tech-IT teams will monitor and triage alerts, saving time for client IT teams and ensuring that a timely response is engaged in case of suspicious activity or a confirmed attack.

While Tech-IT has the responsibility to follow up on alarms, the client gets full access to everything the solution can offer and will benefit from its ease of use to get something that most companies lack: visibility into, and an understanding of, what is happening on their networks and servers. AlienVault comes with almost 250 pre-defined reports and an easy-to-use report creation engine, saving time on the burden that compliance requests sometimes represent.

Any company that wants the best ratio between investment and security will benefit from the excellent level of security and the time savings provided by Tech-IT's unified approach. Security is a matter of priorities, and finding a solution that provides great capacities in key security controls, with monitoring and triage services provided by Tech-IT, allows the effort and time saved to be transferred to the next battlefronts. Do not hesitate to contact our teams should you want to learn more about it.