BlueSOC Managed SIEM

Identify cyber threats and ensure compliance

StartServicesManaged Detection and ResponseBlueSOCBlueSOC Managed SIEM

SIEM

Logging - complex, but necessary

Security monitoring and incident detection is no longer a choice for many companies, but a requirement based on business needs and compliance. Logs from infrastructure, services and applications are some of the most important areas to monitor, but also some of the most complex to implement and manage. Success requires expertise, the right technology and a constant presence.

280: days is the average time taken to detect a data breach
3,86: USD 3.86 million is the average cost of a data breach
74 %: have seen a reduction in data breaches as a result of using SIEM

Leading SIEM monitoring managed by experts 24/7

BlueSOC Managed SIEM is our fully managed SIEM service, managed by security analysts in Sentor's BlueTeam. By combining market-leading technology, threat intelligence and 24/7 monitoring, we detect and manage threats to your business in near real time. The log data we collect, analyse and deliver will tell you what happened, when it happened, which systems were exposed and which users were involved - essentially all the information you need to manage and report incidents properly.

Leading technology

We always follow market developments and use the technology that gives us as MSSP the best capabilities, and you as a customer the most value.

Rapid implementation

We use a well-established model to identify requirements and relevant logs and to quickly deploy the service. Our completed detection on common log sources also makes it easier to create new use-cases and find relevant events in large volumes of log data.

24/7 Monitoring

Our BlueSOC security experts monitor, analyse and manage activity from your logs 24 hours a day, all year round. All alerts are manually validated and enriched by analysts, and incidents are reported and escalated to suit your organisation.

Full access

As a customer, you have full access to the standard search interface and can use the relevant log data for other purposes, such as troubleshooting in operations or to create your own dashboards for internal teams.

Customisable

The service is flexible and can be customised for e.g. proprietary applications, dashboards or detection capabilities specific to your organisation.

High level of service

You will have a dedicated Service Delivery Manager, who will be responsible for monthly delivery meetings and reporting, and will act as your primary point of contact during ongoing delivery.

1. Start-up

An implementation project is initiated to identify the organisation's requirements, technical design for deployment, covered log sources and specific detection requirements.

4. Adaption

Changes to the service, such as the addition or removal of log sources, new detection capabilities, etc., are handled on an ongoing basis throughout the service delivery.

2. Implementation

We deploy the service in collaboration with you as a customer. To ensure rapid implementation, the project is led by a dedicated Service Delivery Manager from Sentor.

5. Reporting

Monthly reporting and regular service meetings with your assigned Service Delivery Manager.

3. Activation

The 24/7 SOC monitoring is activated as soon as the log sources are on-boarded to SIEM and have been approved by quality control. Incidents are escalated as individual tickets in Sentor's customer portal.