ALEF SIEM Essential
The SIEM Essential service is an installation of a Security Information and Event Management (SIEM) tool based on Cisco Systems' Splunk software. By using SIEM Essential, you'll instantly gain a basic overview of security attacks on your IT, and your company's cybersecurity will increase by leaps and bounds.
SIEM Essential includes:
- Splunk Enterprise + Cribl license rental
- Detailed description of data source setup
- Detailed description of detection scenarios
- Creation of test scenarios
Who is the service for?
If you are a small or medium-sized company that does not need a complicated security solution with a large implementation, and you do not know in advance the scope and volume of data that needs to be collected for security monitoring, we have the ideal solution for you: SIEM Essential, built on Splunk technology. With our predefined scenarios built on the MITRE ATT&CK framework and a wide range of integrations with supported applications, SIEM Essential can be deployed into a customer's environment in a matter of days.
Main advantages of the service
- SIEM Essential installation within 14 days
- Fixed price per SIEM Essential license per employee
- Pre-built detection scenarios matching the customer's environment
- Effective detection of cyber threats
- Low percentage of false positive events
- Meeting the legislative requirements of the Cybersecurity Act
What is the implementation process?
- Creation of High-level design/Low-level design for SIEM Essential implementation
- System installation in customer/cloud environment
- Data source setup by the customer, following the instructions we provide
- Checking of inputs and evaluation of the installation
- Validation tests
- Training of customer administrators
- Commissioning