SIEM Smart Start
The first step towards assurance for Security.
More and more small and medium companies are realizing that there is an urge to protect themselves against cyber attacks. A report by SIDN from June 2020 even shows that the number of SMEs that fell victim to cybercrime rose from 19% to 22%. In addition, there are more and more laws and regulations regarding privacy and compliance, which increases the need for organizations to better protect themselves. The most ideal situation is to use Security Information and Event Management (SIEM), whether or not combined with a Security Operations Center (SOC).
Setting up a SIEM is labor-intensive and requires specialist knowledge that is often not available within a company. In addition, the license costs of many SIEM suppliers form a barrier to get started with security monitoring. At the same time, the importance of security monitoring is fortunately increasingly and more widely recognized within companies. That is why SMT, as the largest Splunk partner and specialist in the Benelux, has developed the “SIEM Smart Start” to introduce customers who already have access to Splunk to security monitoring in an accessible way, without the aforementioned disadvantages.
When you choose SIEM Smart Smart, you make an inventory of the most critical parts of your IT landscape with guidance and advice of a SMT specialist. For instance, your Office 365 environment, the software for protecting your workplaces (anti-virus or EDR) and your firewalls. The selected components will be integrated into your Splunk environment and a SIEM is set up for you, so that all collected data is correlated and clearly presented. All this takes place in just a few days. Basically, your organization will have a functioning SIEM which enables you to experience the benefits of security and compliance monitoring. A handover takes place after the SIEM Smart Start, so that your people have full control over the SIEM and can make optimal use of the SIEM.
Set up SIEM
After setting up your SIEM with the SIEM Smart Start by SMT, you have a perfect basis for growth. For example to integrate more systems into your SIEM or to outsource incident handling to a Managed Security Service Provider (MSSP). The most labor-intensive part of setting up security monitoring, namely connecting sources, normalizing data and applying use cases, has already been done for you as part of SIEM Smart Start.
Even if you do not yet have access to Splunk but would like to start with it, SMT is happy to help you answer analytics and security questions. In that case, we have other packages, such as the Get Started with Splunk, for an easily accessible introduction to the technology. Our experts are happy to help you translate the data of your organization into information and added-value.