PROFESSIONAL SIEM SERVICES

Deploying a custom SIEM system

Get a fully-fledged SIEM solution to safeguard your corporate information. 

For 15+ years, ScienceSoft, an IBM Gold Business Partner, has been protecting sensitive data of our customers with full-scale security information and event management (SIEM) services.

Our experienced team of certified security specialists has implemented 150+ SIEM projects in different industries, including Banking and Finance, Healthcare, Public Sector, Retail, Telecom, Oil & Gas and more.

The benefits of SIEM services:

  • Proactive detection of security incidents based on raw event and log data.
  • Improved efficiency of incident response activities.
  • Optimization of IT and network operations.
  • Security compliance simplification.

SIEM project with ScienceSoft stage by stage

Every SIEM project encompasses five core stages:

[Figure: SIEM project stages]

To employ the capabilities of a SIEM system to the full, customers may also require two optional SIEM services: fine-tuning and training, which may be implemented as separate projects.

ScienceSoft’s SIEM consultants are familiar with the challenges that customers face at each stage of a SIEM delivery project and know how to address them.

SIEM Requirements gathering and processing

After analyzing the customer’s initial requirements and their company’s network infrastructure, ScienceSoft’s security consultants estimate project efforts and offer an optimal set of requirements depending on the scope and the customer’s security and pricing policy.

SIEM design

Together with creating SIEM system design documentation, ScienceSoft’s security consultants define project acceptance criteria and confirm them with the customer to ensure full requirements coverage.

SIEM Implementation

What we do

  • Deploy a SIEM system on the customer’s network environment.
  • Provide SIEM system basic configuration.
  • Connect out-of-the-box log sources.
  • Connect custom log sources.
  • Deliver a fine-tuned SIEM system and provide reports.

SIEM implementation challenges we address

  • Undetected security attack vectors.
    Solution: high-quality audit baseline development for all target systems.
  • Disconnected custom log sources.
    Solution: custom target system investigation prior to custom log source connection.
  • Presence of various log source types.
    Solution: creation of correlation rules with multiple conditional levels for multiple log source types.

SIEM Fine-tuning

To maximize the SIEM system’s ability to detect intruders and to save the administrator’s time, ScienceSoft’s security consultants analyze the operation of the SIEM system within the customer’s network and tune it to get rid of false-positive correlation rules.

SIEM Training

ScienceSoft’s SIEM consultants are ready to share their knowledge with the customer’s security team in SIEM system management with a series of practice-oriented training sessions. Understanding the importance of the face-to-face contact between trainers and trainees, ScienceSoft offers in-house training sessions on the customer’s SIEM deployment.

Depending on the level of the customer’s security staff’s experience in SIEM system management, ScienceSoft’s IBM-certified consultants organize and conduct two tailored SIEM training sessions: Fundamentals and Advanced.

The Fundamentals training module includes the following highlights:

  • Introduction to IBM Security QRadar SIEM
  • Security Data
  • QRadar User Interface
  • Data Sources
  • Advanced Searching
  • Rules and Building Blocks
  • Advanced Reporting
  • Health Monitoring

The Advanced training module, targeted at more QRadar-savvy specialists, features the following topics:

  • Introduction to QRadar Administration Features and Functionality
  • Security Events Normalization
  • Building log source extensions (LSX) (normalization part)
  • Building log source extensions (LSX) (mapping part)
  • Building Blocks (BB) Overview and Specifics. Enabling Custom BB
  • Rules Overview
  • Creating Rules
  • Tuning Rules
  • Fine Tuning False Positives
  • Offenses
  • QRadar Risk Manager
  • QRadar Vulnerability Manager

SIEM Delivery

ScienceSoft security professionals have earned their reputation for delivering SIEM services that satisfy customers’ needs. SIEM delivery includes the following stages:

  • Final check of the SIEM system performance
  • Acceptance testing by the customer
  • Physical handover of all the source code, documentation and access keys.

SIEM support and maintenance

ScienceSoft keeps the SIEM system features and elements included in the scope of a SIEM project we’ve implemented working as intended when the way a log source is connected changes, new event types are added or the SIEM system is updated.

SIEM-based APT protection

ScienceSoft’s SIEM consultants will build up a deeply personalized security environment to ensure SIEM-based Advanced Persistent Threat protection. Our security professionals will fine-tune your SIEM solution to transform it into a handy tool for discovering APT attacks at early stages.

SIEM-based specific services

SIEM-based ATM security

As ATM network attacks are becoming more and more sophisticated, SIEM-based ATM security solutions come into play. ScienceSoft’s information security consultants respond to the growing ATM security threat by conducting an ATM network audit, incident data collection and analysis, security assurance of ATM network design and creating custom correlation rules for the customer’s SIEM system. This comprehensive approach enables security administrators to cover all the ATM threat types.

Why choose ScienceSoft’s SIEM services?

  • Expert knowledge of IBM QRadar SIEM architecture and implementation.
  • 150+ completed projects in the SIEM area.
  • Team of experienced SIEM architects, developers, testers and IBM-certified consultants.
  • Deep knowledge of operating systems, software and device audit, logging, and security subsystems.
  • Considerable hands-on experience in SIEM integration, configuration, support and maintenance.

Get in touch

Our IBM-certified SIEM consultants are ready to respond to a security challenge of any complexity.
