EiQ Debuts SOCVue for Splunk Enterprise Security

EiQ Networks, a provider of hybrid security as a service, has announced a co-managed SIEM and log management offering called SOCVue for Splunk Enterprise Security (ES).

Offered as a subscription service, the newest addition to the SOCVue line goes beyond a standard co-managed service to offer organizations using Splunk ES a highly integrated security monitoring program that combines people, process and technology.

Through the Splunk Technology Partner (TAP) program, EiQ developed tight integration between Splunk ES and EiQ’s Security Operations and Analytics Platform. This integration allows SOCVue to enrich Splunk alert data with additional contextual information such as threat intelligence to identify and detect malicious activity and minimize false positives. Acting as a force multiplier for security teams, EiQ’s global SOC teams will monitor, analyze, and investigate alerts and respond with timely notification of any security incidents along with remediation guidance.

EiQ security experts will also assist in security content engineering, developing and implementing alerts and correlation rules to identify anomalies and thwart potential cyber attacks. Customers will be able to leverage SOCVue security analysts to conduct on-demand forensics investigations to find the cause of any issue. EiQ’s team will also help develop executive, compliance, and security reports to meet various compliance mandates such as PCI DSS, SOX, GLBA, HIPAA, FFIEC, COBIT, NIST and more.