Security Incident & Event Management

The SIEM component of the Bluefoxstarlight S.M.A.R.T 365 solution includes integrated asset discovery and inventory via passive and active scanning tools, and allows for the assignment of asset criticality. As part of the onboarding process, we will conduct vulnerability scanning, reporting, and management of those vulnerability stats, to assist customers in addressing the most critical items. This is performed through both internal (authenticated) and external (unauthenticated) scans from the Bluefoxstarlight Managed Security Services. This information is integrated with SIEM feeds to refine threat detection and analysis and to reduce false positives.

THREAT DETECTION & ALERTING ABILITIES

01/

A fully-managed network and host-based IDS technology with leading industry threat feeds and rule-sets.

02/

Integration of all available security data (IDS and other security device inputs, asset value database, vulnerability scan data).

03/

Ability to deploy additional integrated security controls.

04/

Automated real-time “unified” log correlation and linkage to all log data related to the threat.

05/

File Integrity and privileged-user monitoring, etc.

06/

Integrated proprietary and crowd-sourced threat intelligence.

07/

Application of 3,200+ correlation rules to the asset, vulnerability, network traffic, and threat data.

08/

24 x 7 x 365 alerting with “full threat context”.

09/

Evaluation and elimination of systemic “false positives”.
