The BCNET SIEM-as-a-Service, fully hosted in a secure Educloud environment, is designed to strengthen your institution's security posture by simplifying the management and monitoring of your business-critical systems and applications.
Security Information Event Management (SIEM)-as-a-Service offers members all the benefits of a SIEM solution without the challenges of securing capital investment. BCNET manages the infrastructure, maintenance, upgrades, patches, capacity planning, backups and security of the entire system.
Leverage our experience in implementing and managing SIEM environments. BCNET, together with 12 provincial, territorial and federal partners of the National Research and Education Network (NREN), acquired and developed security expertise to support the effective deployment of SIEM infrastructure for the NREN. Today, our national cohort of SIEM professionals continually collaborates for ongoing learning and knowledge sharing.
Security Information Event Management (SIEM) software collects data to provide a holistic view of an organization's security posture. The software collects data from the different technologies within your system, monitors and analyzes that data for deviations and possible security risks, and then takes the appropriate action against those threats.
It works by combining two technologies:
- security information management (SIM), which collects data from log files for analysis and reports on security threats and events
- security event management (SEM), which conducts real-time system monitoring, notifies network admins about important issues and establishes correlations between security events
BCNET will provide the following services focused on each member’s identified use case(s):
- Analyze collected security events and validate parsed event types
- Set notifications on rules of interest
- Create and deliver customized scheduled reports
- Create customized dashboard for incident insights
- Training and knowledge transfer to member resources
- Reduce complexity and costs by using a managed solution
- Simplify deployment
- Strengthen your institution's security posture
- Fully customizable to meet your institutional needs
- Hosted and managed SIEM platform in the BCNET Educloud environment
- Customizable solution
- Event log consolidation and management
- Configuration change management
- Compliance reporting
- Solution setup and device onboarding
- Weekly device discovery validation
- Out of the box and customized rules for your institution
- Ongoing rule tuning and false positive reduction
- Customized, enriched notifications including response guidance
- Integrated 3rd party threat feeds
- Automated alerts and notifications
- Custom report creation and scheduling
- Audit support
- On-demand, security event monitoring services with automated alerting, security event notifications, dashboards and reporting in a cloud-based model
- Receive real-time analytics on threats and security alerts that are created by business-critical devices and applications
- A correlation of events gathered from different logs or sources
- Automatic security event notifications and dashboards
- Utilizes high-fidelity rules to minimize false positives