About Security Information Event Management
Security Information Event Management (SIEM)-as-a-Service is designed to strengthen an institution's security posture by simplifying the management and monitoring of your business-critical systems and applications. SIEM-as-a-Service offers members all the benefits of a SIEM solution without the challenges of securing capital investment. BCNET manages the infrastructure, maintenance, upgrades, patches, capacity planning, backups and security of the entire system and hosts it in a secure educloud environment. SIEM software collects data to provide a holistic view of an organization's security posture. The software collects data from the different technologies within your system, monitors and analyzes that data for deviations and possible security risks, and then takes the appropriate action against those threats.
SIEM Works by Combining Two Technologies:
- Collects data from log files for analysis and reports on security threats and events.
- Conducts real-time system monitoring, notifies network admins about important issues and establishes correlations between security events.
National SIEM Collaboration
In collaboration with 13 provincial, territorial and federal partners of the National Research and Education Network (NREN), we acquired and developed security expertise to support the effective deployment of SIEM infrastructure for the NREN. Today, our national cohort of SIEM professionals collaborates continuously for ongoing learning and knowledge sharing.
Member institutions can leverage our experience in implementing and managing SIEM environments.
What You'll Get
- Hosted and managed SIEM platform in BCNET educloud environment
- Customizable solution
- Event log consolidation and management
- Configuration change management
- Compliance reporting
- Solution setup and device onboarding
- Weekly device discovery validation
- Out-of-the-box and customized rules for your institution
- Ongoing rule tuning and false positive reduction
- Customized, enriched notifications including response guidance
- Integrated third-party threat feeds
- Automated alerts and notifications
- Custom report creation and scheduling
- Audit support
SIEM offers the following services focused on each member’s identified use case:
- Analyze collected security events and validate parsed event types
- Set notifications on rules of interest
- Create and deliver customized scheduled reports
- Create a customized dashboard for incident insights
- Training and knowledge transfer to member resources