📜 Post with us on Reddit
📝 Create a new article
🏭 Create a company page
🇬🇧 - in English
🇫🇷 - en Français (FR)
🇵🇹 - em Português (PT)
🇩🇪 - auf Deutsch (DE)
🇯🇵 - 日本語で (JA)
Sponsored articles

You can edit almost every page by Creating an account and confirming your email.

Co-managed Security

From EverybodyWiki Bios & Wiki


The Co-Managed IT security service model entails security monitoring, event correlation, incident response, system tuning, and compliance support across an organization's entire IT environment. Co-Management allows organizations to collaborate with their managed security service providers by blending security expertise of the provider with the contextual knowledge of the customer to optimise security posture.[1]

Outsourcing all IT security affairs can leave clients in the dark in regards to major security breaches or events.[2]

The combined involvement of the client and managed security service providers (MSSP) in relation to SIEM softwares allow for immediate response to security breaches, increased transparency and reduce workload for internal IT security teams.

The cooperative management of SIEM softwares can allow for the sharing of expert knowledge between internal IT security teams and the MSSP.

Co-Managed security services also allow for organizations’ critical data and tools to be remotely managed by a team of certified engineers and security analysts from a 24/7/365 Security Operations Center (SOC). This service approach allows for customer data to remain in-house while the SIEM platform is either on-site or cloud-hosted. The service provider's staff work in conjunction with customer security teams to outline the rules of engagement inside the environment to provide monitoring and response to alerts in real-time. The Security Operation Center also provide the “care and feeding”, and development of a variety of security solutions. The co-managed approach also allows organizations to focus on emerging internal projects and other critical areas of IT.

According to Gartner's How and When to Use Co-managed Security Information and Event Management report, “Co-managed SIEM services enable security and risk management leaders to maximize value from SIEM and enhance security monitoring capabilities, while retaining control and flexibility.” and "Co-management is on the rise and expected to grow five-fold by 2020."

SIEM,[3] IDS/IPS, Compliance Automation, Network Configuration Management Tools, Advanced Threat Intelligence, network access control, Endpoint Threat Detection and Response, application security, file integrity monitoring, Forensic Investigation, and Vulnerability Scanning and Assessment, are all examples of cyber security solutions that co-managed service providers support.[4]

References

  1. Gill, T. Grandon. Cybersecurity Discussion Cases. Informing Science. ISBN 978-1-68110-037-1. Search this book on
  2. Dosal, Eric. "3 Advantages of Using Co-Managed SIEM". www.compuquip.com. Retrieved 2020-08-03.
  3. "Security Information And Event Management (siem)". Gartner. Retrieved 2020-07-05.
  4. "Co-managed SIEM". www.eventtracker.com. Retrieved 2020-07-05.


This article "Co-managed Security" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Co-managed Security. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.


Retrieved from "https://en.everybodywiki.com/index.php?title=Co-managed_Security&oldid=4721818"
License CC BY-SA 3.0
Powered by MediaWiki