SOCaaS
24/7 monitoring for security threats from a trusted team
Managed Security Services includes 24/7/365 monitoring of the Client environment for security threats. The core functions of Managed Security Services (MSS) include monitoring for threats and abnormal activity; alerting the appropriate parties of a potential incident and providing recommended remediation actions.
The core functions of MSS are performed by combining Security Information and Event Management (SIEM) with the human component of security analysts. Analysts located in Legato’s Security Operations Center (SOC) monitor and respond to security events on behalf of each organization.
Actionable intelligence & customized workflows
MSS includes the analysis of logs and events from the Client’s network to determine whether security events or incidents have taken place. Service Level Agreements (SLAs) and customized workflows will be developed for event handling to determine how and when a security event is handled, who is notified, and the actions to be taken for each security event type.
This service ensures our Clients can rest easy knowing there are “eyes on glass” monitoring the security posture of their organization at all times. The day-to-day operation of the SIEM includes analyzing logs, responding to alerts, ensuring alerts are cultivated in a way that produces actionable intelligence, creating new alerts, and tuning log sources.
Threat monitoring
- 24/7/365 monitoring of environment
- SIEM monitoring
- Security analyst team for response
Security analysis
- Analysis of logs and events
- Customized workflows for event handling
- Built-in notifications for appropriate parties
Fast Response
- "Eyes on glass" at all times
- SOC analysts respond to each event
- Fine-tuning of running systems to prevent threat recurrence