Managed SIEM security service
FortiSIEM SaaS / Microsoft Azure Sentinel
Cybersecurity: a vast perimeter to defend played on multiple chessboards. Our solution adapts and connects to the majority of technologies on the market to ensure the collection of as much information as possible and the protection of your assets. Collectors are installed in your systems, collect information, and send it to our SIEM, which then handles analysis, correlation and alerts.
Advantage
As an organization, continue to be at your best today and build your future with peace of mind. We deal with cyber threats and their harmful consequences for your business.
The strength of our offering
Whether by using our internal algorithms developed to investigate the Dark Web or those carefully selected from our partners, cyber intelligence remains at the heart of our cybersecurity practice.
The strength of our team
Our expanded internal team is made up of more than 50 high-level experts who globally support multiple technologies and hold multiple certifications.
CONSOLIDATE / UNDERSTAND / REMEDIATE
- Computer threat detection service
- Intervention in the event of an incident
- Monitoring suspicious activity on workstations, servers and network equipment
- Compliance reports
- Monitoring your information on the Dark Web continuously
- Monthly meeting with a security expert
Comparison of managed SOC/SIEM
| Service | Description | Base | Advanced |
|---|---|---|---|
| Security event management | Management and monitoring of security events |  |
|
| Monthly report | Monthly report and dashboard that summarizes events by category | |
|
| Incident management | Setting up the right playbooks for your business to handle incidents | |
|
| 8/5 Alerts | 8/5 communication of High Category Alerts | |
|
| 24/7 Alerts | 24/7 communication of High Category Alerts | |
|
| Multi-Manufacturers Collector | Our solution connects to the majority of technologies on the market | |
|
| Event archiving | Archive of medium- and long-term events | |
|
| Multi-level alerts | Multi-level alerts on data movements, atypical behaviors, deviations, and geolocation | |
|
| AI analysis | Use of machine learning to continuously improve responsiveness to the different behaviours identified | |
|
| Integration API | SIEM has a REST API that allows any external system to integrate into the CMDB, make event queries and send alerts | |
|
| Automation of actions | The majority of actions can be automated through use cases and scripts | |
|
| Monthly Vulnerability Report and Meeting | A report and a meeting with a cybersecurity expert to discuss identified events and recommendations | |
|
| Quarterly Report and Vulnerability Meeting | A report and a meeting with a cybersecurity expert to discuss identified events and recommendations | |
|
| Recognition of abnormal human activity (UEBA) | After learning about a person’s normal behaviour, the system will be able to identify and react to any out-of-the-ordinary behaviour according to the pre-established parameters | |
|
| Dark Web monitoring | Continuous monitoring of your credentials (passwords) on the Dark Web | |
|