Professional SIEM Services

Security Information and Event Management (SIEM) is a set of tools and services to detect targeted cybersecurity attacks and data breaches. Since 2004, ScienceSoft, an IBM Silver Business Partner, has offered full-scale SIEM services to protect the sensitive data of our customers.
Benefits of SIEM Services
- Proactive detection of security incidents based on raw event and log data.
- Improved efficiency of incident response activities.
- Optimization of IT and network operations.
- Security compliance simplification.
SIEM Project with ScienceSoft Stage by Stage
Every SIEM project encompasses five core stages:

To employ the capabilities of a SIEM system to the full, customers may also require two optional SIEM services: fine-tuning and training, which may be implemented as separate projects.
ScienceSoft’s SIEM consultants are familiar with the challenges that customers face at each stage of a SIEM delivery project and know how to address them.

SIEM requirements gathering and processing

SIEM design

SIEM implementation
What we do:
- Deploy a SIEM system in the customer’s network environment.
- Provide SIEM system basic configuration.
- Connect out-of-the-box log sources.
- Connect custom log sources.
- Deliver a fine-tuned SIEM system and provide reports.
SIEM implementation challenges we address:
- Undetected security attack vectors.
  Solution: high-quality audit baseline development for all target systems.
- Disconnected custom log sources.
  Solution: custom target system investigation prior to custom log source connection.
- Presence of various log source types.
  Solution: creation of correlation rules with multiple conditional levels for multiple log source types.

SIEM fine-tuning

SIEM training
ScienceSoft’s SIEM consultants are ready to share their knowledge of SIEM system management with the customer’s security team in a series of practice-oriented training sessions. Understanding the importance of face-to-face contact between trainers and trainees, ScienceSoft offers in-house training sessions on the customer’s SIEM deployment.
Depending on the level of the customer’s security staff’s experience in SIEM system management, ScienceSoft’s IBM-certified consultants organize and conduct two tailored SIEM training sessions: Fundamentals and Advanced.
The Fundamentals training module includes the following highlights:
- Introduction to IBM Security QRadar SIEM
- Security Data
- QRadar User Interface
- Data Sources
- Advanced Searching
- Rules and Building Blocks
- Advanced Reporting
- Health Monitoring
The Advanced training module, targeted at more QRadar-savvy specialists, features the following topics:
- Introduction to QRadar Administration Features and Functionality
- Security Events Normalization
- Building log source extensions (LSX) (normalization part)
- Building log source extensions (LSX) (mapping part)
- Building Blocks (BB) Overview and Specifics. Enabling Custom BB
- Rules Overview
- Creating Rules
- Tuning Rules
- Fine Tuning False Positives
- Offenses
- QRadar Risk Manager
- QRadar Vulnerability Manager

SIEM delivery
ScienceSoft security professionals have earned their reputation for delivering SIEM services that satisfy customers’ needs. SIEM delivery includes the following stages:
- Final check of the SIEM system performance.
- Acceptance testing by the customer.
- Physical handover of all the source code, documentation and access keys.

SIEM support and maintenance
ScienceSoft keeps the SIEM system features and elements within the scope of a SIEM project we’ve implemented operational when the way log sources are connected changes, new event types are added or the SIEM system is updated.
SIEM-Based APT Protection
SIEM-Based Specific Services
SIEM-based ATM security
As ATM network attacks are becoming more and more sophisticated, SIEM-based ATM security solutions come into play. ScienceSoft’s information security consultants respond to the growing ATM security threat by conducting an ATM network audit, incident data collection and analysis, security assurance of ATM network design and creating custom correlation rules for the customer’s SIEM system. This comprehensive approach enables security administrators to cover all the ATM threat types.
Why Choose ScienceSoft’s SIEM Services?


ScienceSoft proved to be a professional service provider from the outset. We appreciate their proactive approach and ability to suggest improvements to a prospective solution on both architectural and business levels. We know we can always rely on ScienceSoft’s various competencies when our clients require quality software which would facilitate their business success.

Mikhail Anfimau, Senior Solution Architect, Leo Burnett

Selected Projects

IBM Security QRadar SIEM Implementation for 70+ US State Agencies
ScienceSoft implemented and customized IBM Security QRadar SIEM for the government of one of the US states. The solution enabled permanent collection and analysis of events coming from log sources of more than 70 state agencies.
Implementation of QLean for QRadar for a Major North American Bank
ScienceSoft implemented its proprietary QRadar tool QLean for a bank with 15+ million clients and an extensive IT network.
IBM QRadar SIEM Customization and Implementation for a Hospital with 2000+ Staff
ScienceSoft deployed and configured a HIPAA-compliant IBM Security QRadar SIEM solution in the IT infrastructure of a Saudi Arabian health organization with 2,000 employees. The software can process over 100 million medical transaction events per day.
Phase 2 IBM Security QRadar SIEM Implementation for a Top 30 US Bank
ScienceSoft adjusted IBM Security QRadar SIEM to a Top 30 American bank’s network with new log sources and more precise offence detection.
QRadar Performance Optimization with QLean for an Electric System Operator
Having purchased two IBM® Security QRadar solutions, the Customer decided to enhance them with ScienceSoft’s proprietary tool, which helps to optimize QRadar performance and detect its deviations.
Get in Touch
Our IBM-certified SIEM consultants are ready to respond to a security challenge of any complexity.