
Security Information and Event Management (SIEM) and Log Management


Precise Log Data Analysis and Correlation when Security Incidents Happen

Components and devices in all IT systems log critical and security-relevant incidents and supply a wide range of useful data. However, log entries are normally distributed across various components and in different log formats, and a single entry rarely contains enough information to conclude what happened in a specific incident. And with several million log lines every day, maintaining an overview can sometimes be next to impossible. Our log management and SIEM solutions help you filter out the information that is relevant to your IT security and put it in the proper context for evaluation, either in real time or in forensic analyses of security incidents.

Benefits at a Glance

With TÜV Rheinland as your partner for security information and event management (SIEM) and log management, you:

  • Keep all your data records in one central repository with an improved summary of their security status.
  • Can create revision-proof compliance reports, summaries, statistics, and dashboards for management and auditors.
  • Increase measurability of the status of your IT security and quality, for example, with KPIs and metrics.
  • Shorten response times for undesirable situations regarding searches, troubleshooting, and forensics.
  • Collect all of your log data in one central system.

Our Solution Components and Their Benefits

TÜV Rheinland works with the following solutions and software developers to provide world-class SIEM and log management services:

Balabit SSB: Log Management Solution

  • From the makers of syslog-ng
  • Only high-availability solution available
  • Large log storage in syslog-ng Store Box (SSB)
  • Ideal solution for creating data repositories available centrally to all users
  • Rudimentary reporting

LogRhythm: Security Intelligence Platform

  • Next-generation SIEM and log management
  • Endpoint forensics, with registry and file integrity monitoring
  • Network forensics, with application ID and full packet capture
  • Behavioral analytics for holistic threat detection (users, networks and endpoints)
  • Rapid unstructured and contextual search
  • End-to-end incident response orchestration workflows to support team collaboration
  • SmartResponse™ automation framework

Our Approach

Step by step, our SIEM/log management services give you a better view of security-related events occurring in your network:

  • Gathering of requirements for sizing, reporting, and compliance
  • Selection of suitable solution components
  • Implementation of the log/SIEM infrastructure
  • Support for configuring reporting and alerting functionality
  • Support for systems operations or, where required, the managed service
  • Continuous support and regular optimization of infrastructure, logging, and reporting
  • Archiving of collected logs and access control for them

Contact

Get in contact with us!
