Vigilant Rolls Out Managed SIEM

vigilant_managed-security-services

Vigilant’s Fusion for SIEM offering takes a hybrid approach to the technology. Some managed security services providers provide an in-house SIEM capability, remotely taking in customers’ security logs. Vigilant’s approach  is to leave the SIEM gear at the customer’s location and focus on configuration, management and maintenance.

This hybrid, or co-sourcing, model keeps customer data on premise, providing a measure of control that Vigilant says ranks as an important feature for security-conscious sectors such as financial services and federal government.

Word From the Top

Alison Andrews, Vigilant’s CEO (pictured), said her company’s take on managed SIEM also provides the ability to tailor solutions to the client’s environment and add business context to the technology. An MSSP’s shared SIEM solution, in contrast, tends to be “plain vanilla” since the service provider must manage across multiple clients, she explained.

Vigilant isn’t the only firm to pursue the hybrid tack. Intellitactics , which provides SIEM technology, has noted increased interest among MSSPs in co-sourcing. Next up, Intellitactis and Quest, a managed services provider, this week announced a pact in which Quest will install Intellitactics’ SAFE SIEM appliance at a customer’s location and “provide remote expertise to monitor logs and analyze security events.”

Vigilant, for its part, works with such SIEM providers as RSA, ArcSight and Q1 Labs. “We are certified on a number of different technology platforms,” said Vigilant’s Andrews.

And SIEM vendors, in turn, may become certified to resell Vigilant’s Fusion for SIEM. Andrews said Vigilant has had conversations with vendors to that effect, but no deals have been struck at this point. She said the company would consider other service providers offering its SIEM service, but noted that Vigilant isn’t actively targeting such arrangements at this point.

Contributing blogger John Moore covers Master MSPs, Web hosts and emerging opportunities. Follow MSPmentor via RSS; Facebook; Identi.ca; and Twitter. And sign up for our Enewsletter; Webcasts and Resource Center.