Security Services
Leveraging technology for your business goes beyond just developing digital products. That’s why we also crafted a suite of services to provide you with guidance and expertise. We give you the boost you need to harness the full power that your products have to offer.
You don’t need to commit to a big project to profit from our expertise. If you already have technologies or development teams in place, Digital Survival Group can still help you get the most out of them. From providing training so you can do it yourself to working together to deliver a project, our Expert Services are designed to help you improve your in-house capabilities and applications. The end goal is that you have full independence, and we’re happy to help you get there.
Managed cloud SIEM platform
The managed cloud SIEM platform serves as the technical core of the offered solution. This platform is based on Microsoft Sentinel and includes custom use cases and data connectors. Digital Survival Group continuously maintains and updates these custom use cases and data connectors.
Services provided for the managed cloud SIEM platform include:
- Provisioning and management of the IP (Intellectual Property)
- Maintenance and update of existing and new custom use cases
- Maintenance and update of all linked data connectors and associated data storage within Microsoft Sentinel
Managed automated response
The most critical aspect of the security service is perhaps the actual response to a potentially compromising alert. In the vision and service offerings of Digital Survival Group, this response is as automated as possible. This is done not only to save manual effort but primarily to create speed of action and repel potential attacks as quickly as possible.
Services provided include:
- Response to security incidents
- Maintenance of automated responses
- Development of new automated responses
Managed detection (T1 & T2)
Managed detection covers first- and second-line monitoring, detection, dispatch, and management of security alerts raised by the managed cloud SIEM platform.
Services provided include:
- 24/7 detection, monitoring, and response to security alerts (24/7 monitoring and response depending on SLA)
- Proper logging and registration of incidents
- Resolution of first- and second-line incidents where possible, otherwise routing to the appropriate resolution groups; we also monitor progress and SLAs
- Monthly security reporting
- Input of frequent cases for managed (automated) response to further optimize SOAR (Security Orchestration, Automation, and Response) capabilities