Security Log Monitoring

Our Security Log Monitoring Service, based on the patented, cloud-based ActiveGuard Security and Compliance Platform, provides clients with 24/7 monitoring to protect against threats and comply with regulations that require log monitoring. As a managed security service provider (MSSP), NTT Security delivers security log monitoring as a cloud-based service.

Monitor Logs to Detect Threats and Achieve Compliance

Organizations are under constant pressure to protect data and critical systems. Monitoring logs is a critical component of a security strategy and a requirement for regulations such as PCI DSS, GLBA, HIPAA, SOX and others. Too often, the burden placed on internal teams to monitor systems 24/7 causes organizations to have gaps in their detection or not to monitor logs at all.

Premise-based security information and event management (SIEM) systems can monitor IT environments, but can be a challenge to implement and manage. NTT Security Log Monitoring provides superior visibility and threat detection with lower implementation and resource requirements. This reduces the burden of log monitoring and improves overall security posture.

Cloud-based Log Monitoring by Security Experts

Delivered as a cloud-based managed service, NTT Security Log Monitoring provides real-time threat detection to improve security and achieve compliance. The ActiveGuard service platform collects, monitors, and manages logs from virtually any device capable of producing a log file, including applications, databases, endpoints, firewalls, IDS/IPS, UTMs, WAFs, FIMs and network devices.

Security experts in the Security Operations Center (SOC) provide additional analysis, validation and response for security threats. The combination of the automated analysis in ActiveGuard and human verification in the SOC reduces false positives, ensuring that clients are only notified about real security events.

Our Security Log Monitoring Service delivers the following:

  • Collect: Real-time threat information in one centralized database for maximum visibility
  • Classify: Maximum security value and context extracted from log sources
  • Analyze: Heuristic, statistical, threshold, and time-based analysis
  • Correlate: Source, destination, user, asset and vulnerability interaction correlation
  • Notify: Prioritized, validated incidents escalated based on client needs
  • Investigate: Incident details in context with processing and analysis trail down to the raw log lines
  • Audit: Auditable record of the response process from identification through close

Features Include:

  • 24/7 Log Collection and Active Monitoring
  • Security Event Escalation and Context-aware Alerting
  • Advanced Analytics to Detect Threats
  • Multiple Security Operations Centers (SOCs)
  • Analysis and Validation by Certified Security Experts
  • Patented ActiveGuard Service Platform
  • Configurable Analytic Rules and Thresholds - Threats, Privileged Users and Policy Enforcement
  • Cross-Device Correlation
  • 100% Retention of Collected Logs
  • Flexible Service Tiers
  • Dedicated Service Delivery Manager

Add-On Features:

  • Extensible Monitoring to Meet Custom Needs
  • Global Threat Intelligence Center (GTIC) Services
    • Critical Incident Response
    • Forensic Investigations and Expert Witness Support

More Information

Log Monitoring and Management Datasheet

Download it now.