MSSP RedLegg has launched the Watchtower case management platform to help its security analysts identify and address customer security risks.
Watchtower empowers RedLegg security analysts to detect cyber risks in customer security information and event management (SIEM) deployments, according to a prepared statement.
RedLegg security analysts can use Watchtower to manage, investigate and contextualize security intelligence in live customer environments, the company stated. They also can leverage Watchtower to collect security information and monitor cyber risks to identify cyber threats across both customer environments and industries.
Key features of Watchtower include:
- Case Management: Correlates security tasks and alerts into a single investigated case.
- Malware Sandboxing: Forwards malicious files and IPs and ensures they are destroyed safely in a sandbox environment.
- Standardized Workflows: Automatically presents tasks and workflows to RedLegg security analysts when new cases are created.
- Threat Analysis: Features built-in automated and on-demand analyzers that allow RedLegg security analysts to gather security information and intelligence.
Watchtower is now available to RedLegg managed security services customers.
RedLegg: Here's What You Need to Know
Founded in 2008, RedLegg is a Chicago, Illinois-based and veteran-owned MSSP. It offers the following managed security services:
Advanced Threat Defense: Provides network traffic-level analysis and protection against both lateral and web-based attack types and vectors.
- Endpoint Detection and Response (EDR): Detects and analyzes potential cyber threats before they lead to breaches.
- Intrusion Prevention and Detection: Safeguards networks from both known and unknown threats and stops cyberattacks that otherwise could take advantage of network vulnerabilities and unpatched systems.
- SIEM: Gathers logs and events from network hosts and provides alerting on events that match pre-determined criteria.
- Threat Intelligence: Collects security data from multiple sources, removes duplicate data entries and helps an organization generate actionable intelligence based on the security information at its disposal.
- Unified Threat Management (UTM): Uses firewall and virtual private network (VPN) technology to help organizations build and deploy custom UTM policies.
RedLegg also offers a program that enables channel partners to resell its managed security, advisory and penetration testing services.