You are viewing 'Managed Security Services'
Tips for writing a request for proposal for managed security services
Here at Solutionary, I work on Request for Proposals (RFPs). I respond to hundreds of RFPs that other organizations, who are looking for a Managed Security Services Provider (MSSP), send us. Throughout the past couple of years, I’ve noticed how some proposals are really getting good, concise content back, while others (based on the template they’ve provided us) get a huge document back – which I am sure either takes forever to go through, or they don’t even read.
To avoid sending one of the ‘huge’ RFP templates, and getting back a hundred page document, I’ve provided some tips for RFP writing. The below will not only help organizations looking for a MSSP get a relevant response with good content back, but also makes it so those responding aren’t putting together a needlessly huge document (that no one will read!).
Many organizations... read more >
Around the holidays, fellow Solutionary Minds blogger Rob Kraus and I like to have little fun with our blogs. Last year, we came up with “The Top Eight Holiday Songs of IT Security.”
This year, we’re sticking with the holiday song theme, but came up with our take on the holiday classic “12 Days of Christmas” called The MSSP 12 Days of Christmas.
On the first day of Christmas, a malicious actor gave to me Heartbleed exploit code.
On the second day of Christmas, a malicious actor gave to me 2 DOS attacks.
On the third day of Christmas, a malicious actor gave to me 3 pastebin dumps.
On the fourth day of Christmas, a malicious actor gave to me 4... read more >
In in a recently-released report, a leading technology research and advisory firm recognized Solutionary as a Managed Security Services Provider (MSSP) leader in North America.
Analyst reports like this are extremely useful for enterprises that are considering vendors to provide a service, giving them advice and perspective on a range of potential vendors.
For this research, the firm chose participants based on their ability to deliver enterprise managed security services to clients in North America. Participating companies were evaluated based on 26 criteria grouped into the following three categories:
- Current offering
- Market presence
To learn more about the MSSP market and how Solutionary was evaluated, download the full report... read more >
Collecting, Monitoring and Retaining Critical Log Data for Compliance
Are you considering a managed security services provider (MSSP) as a part of your security management program?
If so, you probably have a good idea of how systems and application event logs can detect problems and provide valuable information about what is happening in your environment.
When log generation is configured correctly, and logs are properly used, the data can be the canary in the coal mine that alerts you to danger; the shining path you can follow, showing you where an attacker has been and the damage created. The data can serve as evidence, sometimes giving you a warm feeling of satisfaction that a problem has been solved or the realization that a villain has met justice. Beyond that, these logs can be an important part of meeting regulatory and compliance standards.
Discussion about... read more >
Finding the Sweet Spot for Effective Security Monitoring
Log monitoring should be a foundational piece of any organization's security program. Regardless of whether the monitoring is completed by a Managed Security Services Provider (MSSP) or an in-house security information event management (SIEM) tool, key details about the activity occurring on the network and in key systems and applications should be captured and analyzed for security incidents, operational issues and regulatory compliance. If configured correctly, these device and application logs can provide great insight into the activity occurring on the network, legitimate or otherwise. However, the first step toward understanding the bad things that occur is to make sure you can understand the good things that are happening, and what is happening in general.
One of the most challenging steps for setting up a robust monitoring program is to determine what and how much to... read more >