Effective management of security events with SIEM

Security events can help prevent and detect attacks being launched within your network or system. Every application, system or device generates events and logs them to a file. Several types of events can be registered, such as application events, system events, and security events.

Once an attacker compromises a system or network, he deletes all evidence in order to make the investigation very hard. One of the primary actions performed by a hacker is the deletion of log files. That is why CAPTOSEC helps you protect those files by implementing mechanisms to authenticate the source, encrypt, and remotely back up the security event log files.

To achieve all these goals, we design, develop, implement and maintain a centralized log management system that:

+ collects security events from different applications, systems and devices

+ correlates and centralizes security events

+ alerts the security administrator or manager according to severity

+ offers a graphical web interface to monitor security events

+ securely backs up security log files on remote servers

+ shows how to mitigate security risks

We use tools, technologies and software such as Syslog, Syslog-ng, OSSEC, SNMPv3, Logcheck, etc.

+ Log retention policy according to regulatory requirements

+ SIEM requirements

+ SIEM vendor selection criteria

+ List of the sources of security events & logs

+ Implementation of SIEM solutions (OpenEYES, other)

+ Tuning of SIEM

Why People Trust Us?

Client's Experience Counts

CAPTOSEC takes the needs and requirements of its customers to heart.

We Love Quality

CAPTOSEC relies on a holistic quality assurance process that helps enhance the deliverables and achieve client satisfaction.

Our Motivated Team Uses the Right Tools

By using the right tools combined with good processes, CAPTOSEC meets stakeholders’ expectations.

We Always Deliver On Time

CAPTOSEC’s Security Professionals listen and collaborate with clients throughout all phases of projects.

Our Security Professionals Are All Certified

In addition to their experience and skills, Security Professionals from CAPTOSEC hold Industry certifications such as CISSP, CASP, C|EH, CISM, CISA, Security+, CCIE, RHCA, PMP, E|CIH.

CAPTOSEC relies on open source tools to provide you with a SIEM with as many capabilities as proprietary solutions.

Other Expertise from CAPTOSEC

Design, development and improvement of information security processes

Development & enhancement of security policies, orientations, and guidelines

Threats modelling, Risks analysis and Recommendations

Quality Assurance of Deliverables in Information Security

Advice, Training & Awareness on information security

Design and Development of Security tools such as Template, Scripts, and Forms

Security audit & Assessment of Networks, Systems, Applications & Data

Assist the customers in their software and hardware acquisition processes

Penetration testing of Applications, Networks & Systems

Design & Assessment of Business continuity and Disaster Recovery Plans

Protection of Networks, Systems & Security Devices

Intrusion Detection & Forensic Investigation

Projects security support

Our Methodology

We understand the needs and context of the client

We validate the scope and deliverables with the client

We collaborate throughout the project phases

We rely on standards, best practices & QA