Alert/Event Monitoring & Response

The STIGroup Managed Security Operations (“MSO”) practice provides security operations management, administration, monitoring, and response services at the network, system, database, and application layers of our client technology environments, to ensure that actionable situations at these layers are detected, reported, and mitigated as efficiently as possible. Through a combination of open source and commercial packages, as well as custom monitoring tools,

STIGroup receives security alerts that are analyzed, investigated, and reported based on severity. In depth security infrastructure console reviews are performed on a scheduled and as-needed basis to identify trends, capacity issues, and performance bottlenecks. The STIGroup MSO team maintains a 24 hour rotation schedule for event monitoring. Also, a lead technical security analyst is assigned that is responsible for ensuring all service SLAs are met and open issues are tracked, reported, and addressed effectively. A ticketing system is used for the tracking and reporting of all Client incidents and service requests.