A flood of events crosses your network hourly, but most of those events are irrelevant. The daunting task for you is to identify the significant events that pose a security risk to your information assets so you can respond to them in real time, before a compromise occurs.
You have probably invested in a variety of technologies, such as network firewalls, IPS/IDS, VPNs, routers and switches to detect events. Every security appliance, business-critical system, noncritical server and endpoint in your organization generates extensive logs daily. These raw logs need to be monitored continuously, analyzed and correlated to filter out false positives in order to identify real security events of concern. This requires dedicated, skilled resources around the clock to review and interpret all the logs and alerts in all the different formats generated by your infrastructure.
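The monitoring, normalization and correlation step described above, as an added example that is not part of the original page and not Dell SecureWorks code: two constructed log formats (a firewall line and an sshd line) are parsed into one common event shape, then correlated per source address so that a burst of failed logins followed by a success is raised as an event of concern, while a single mistyped password is left as noise. The log lines, host names, addresses, the five-minute window, the threshold of three failures and the assumed syslog year are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample log lines in two different formats (not real data).
SAMPLE_LOGS = [
    "2024-03-01T10:00:01Z fw01 DENY src=203.0.113.5 dst=10.0.0.8 dport=22",
    "2024-03-01T10:00:03Z fw01 ALLOW src=203.0.113.5 dst=10.0.0.8 dport=22",
    "Mar  1 10:00:04 srv01 sshd[412]: Failed password for root from 203.0.113.5 port 51234 ssh2",
    "Mar  1 10:00:06 srv01 sshd[412]: Failed password for root from 203.0.113.5 port 51235 ssh2",
    "Mar  1 10:00:08 srv01 sshd[412]: Failed password for root from 203.0.113.5 port 51236 ssh2",
    "Mar  1 10:00:09 srv01 sshd[412]: Accepted password for root from 203.0.113.5 port 51237 ssh2",
    "Mar  1 10:05:00 srv01 sshd[500]: Failed password for alice from 198.51.100.7 port 40000 ssh2",
    "Mar  1 10:05:30 srv01 sshd[501]: Accepted password for alice from 198.51.100.7 port 40001 ssh2",
]

FW_RE = re.compile(r"^(\S+) (\S+) (ALLOW|DENY) src=(\S+) dst=(\S+) dport=(\d+)$")
SSH_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+) port"
)
ASSUMED_YEAR = 2024          # syslog timestamps carry no year; assumption for this example
WINDOW = timedelta(minutes=5)  # correlation window, chosen for the example
THRESHOLD = 3                  # failed logins before a later success is flagged


def normalize(lines):
    """Parse heterogeneous log lines into one event shape, sorted by time."""
    events = []
    for line in lines:
        m = FW_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
            events.append({"ts": ts, "host": m.group(2), "kind": "fw_" + m.group(3).lower(),
                           "src_ip": m.group(4), "user": None})
            continue
        m = SSH_RE.match(line)
        if m:
            ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group(1)}", "%Y %b %d %H:%M:%S")
            kind = "auth_failure" if m.group(3) == "Failed" else "auth_success"
            events.append({"ts": ts.replace(tzinfo=timezone.utc), "host": m.group(2),
                           "kind": kind, "src_ip": m.group(5), "user": m.group(4)})
        # Lines matching neither format are dropped here; a real pipeline would count them.
    events.sort(key=lambda e: e["ts"])
    return events


def correlate(events, window=WINDOW, threshold=THRESHOLD):
    """Raise an alert when >= threshold failures precede a success from one source IP."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["src_ip"]].append(e)

    alerts = []
    for ip, evs in by_ip.items():
        failures, fw_allows = [], []
        for e in evs:
            if e["kind"] == "fw_allow":
                fw_allows.append(e["ts"])
            elif e["kind"] == "auth_failure":
                failures.append(e["ts"])
            elif e["kind"] == "auth_success":
                recent = [t for t in failures if e["ts"] - t <= window]
                if len(recent) >= threshold:
                    alerts.append({
                        "ts": e["ts"], "src_ip": ip, "user": e["user"], "host": e["host"],
                        "failures": len(recent),
                        # cross-source enrichment: did the firewall log allow this source in-window?
                        "firewall_allowed": any(e["ts"] - t <= window for t in fw_allows),
                        "summary": f"{len(recent)} failed logins then success for "
                                   f"{e['user']}@{e['host']} from {ip}",
                    })
                failures = []  # a success closes the current burst
    return alerts


if __name__ == "__main__":
    for a in correlate(normalize(SAMPLE_LOGS)):
        print(a["ts"].isoformat(), a["summary"], "firewall_allowed=%s" % a["firewall_allowed"])
```

Only the 203.0.113.5 burst produces an alert; alice's single failure followed by a success from 198.51.100.7 is treated as ordinary noise, which is the false-positive filtering the text refers to. Tuning `WINDOW` and `THRESHOLD` to the environment is exactly the kind of ongoing analyst work the service description has in mind.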
Dell SecureWorks Log Monitoring service monitors, correlates and analyzes logs and alerts across virtually any security technology and critical information asset, 24x7, to identify anomalies and respond to threats in real time. Deeply skilled security experts working from our integrated Security Operations Centers investigate and respond immediately to any malicious activity.
The Log Monitoring service includes on-demand reporting via the Dell SecureWorks Customer Portal. Through advanced reporting functionality, the Dell SecureWorks Customer Portal provides full service visibility alongside meaningful security insights and perspectives.
The Dell SecureWorks Customer Portal features integrated business intelligence and analytics tools to help you gain the meaningful insights and new perspectives you need to answer your security questions and make better security decisions. Highly customizable data visualizations and reports give you point-in-time snapshots as well as historical trending perspectives across multiple security metrics.
The security events summary lists attack attempts with detailed event information including device, severity, and action taken.
The Top 10 event summary report provides a graphical representation of the top security events for a specified timeframe, together with summary data.
Log Monitoring is delivered using Dell SecureWorks Counter Threat Platform (CTP). With a multi-tenant, distributed architecture, the CTP analyzes billions of events daily and helps to protect thousands of customers worldwide.