Andreas Lalos, Co-Founder & CEO
“Security leaders are striving to help their organizations securely use technology platforms to become more competitive and drive growth for the business,” says Siddharth Deshpande, research director at Gartner, commenting on the firm’s forecasts for worldwide information security spending. Furthermore, a large portion of respondents to Gartner’s security buying behavior survey said they plan to deploy specific security technologies, such as security information and event management (SIEM), in a hybrid deployment model in the next two years.
HybridSIEM is the brand name of the next-generation managed SIEM service offering from BeSecure, which is based in Lewis, Delaware, with offices in Brussels, Athens, Bucharest, and Limassol. BeSecure's managed security services are primarily focused on North America and Europe and are delivered through an established 24/7 security operations center (SOC). The core service is 24/7 security event monitoring and response through HybridSIEM, covering threat detection use cases and compliance reporting use cases across a technology-agnostic range of log event and data sources. In addition to security event monitoring and response, BeSecure provides administration and management of security technologies, including firewalls, unified threat management (UTM), and intrusion detection and prevention systems (IDPS), as well as managed vulnerability management services, managed web application firewall (WAF) services, managed VPN connectivity services, and incident response services. “BeSecure further plans to expand to the security monitoring of cloud-delivered services, both SaaS and IaaS, as well as operational technology (e.g., ICS/SCADA) environments, and Internet of Things (IoT) devices,” says Andreas Lalos, CEO and co-founder of BeSecure.
According to BeSecure, whereas other managed service providers base their pricing on events per second (EPS) or events per day (EPD), HybridSIEM’s pricing is based on the number of managed nodes, providing economies of scale and a predictable total cost of service. Three tiers of HybridSIEM services are available: Log Retention Service, Standard, and Premium Security Monitoring Service, which are aimed at a range of buyers from small and medium-sized enterprises. The HybridSIEM service encompasses User and Entity Behavior Analytics, which focuses on monitoring suspicious user behavior as well as other entities such as cloud, mobile or on-premise applications, endpoints, networks, and external threats, drastically reducing the detection time of malware outbreaks by using algorithm-driven analytics to detect beaconing, lateral movement, or weaponization. As stated by Lalos, HybridSIEM allows users to quickly detect unusual behaviour in networks and applications to prevent misuse and data breaches, with “out-of-the-box” GDPR features for compliance monitoring and reporting. Furthermore, with its File Integrity Monitoring (FIM) capabilities, HybridSIEM alerts users whenever a directory or file is created, deleted, renamed, or altered in its content, so an organization’s administrators can maintain an overview of their sensitive assets.
BeSecure's SOC security analysts gather the threat intelligence that powers HybridSIEM's capabilities for advanced threat detection and response. This threat intelligence is gathered from security vendors, intelligence groups, and external threat intelligence feeds. Furthermore, the alerts are context-rich with respect to both the threat intelligence information and customer-specific context. BeSecure's SOC operations are ISO 27001 compliant and HybridSIEM's service building blocks are Common Criteria EAL 3+ certified.
The HybridSIEM next-generation managed SIEM service offering from BeSecure gives customers the power of a hybrid or co-managed SIEM, allowing them to maintain control of their log data while complying with the most rigorous security requirements. At the same time, through its powerful query language and easy-to-build dashboards, HybridSIEM provides on-premises visibility and search/analytics capabilities. BeSecure also provides a customer portal for interaction with the SOC team, access to a knowledge base, and interaction with other BeSecure-provided services.