Critical Start, a Top 250 MSSP and managed detection and response (MDR) provider, has released a Managed Security Information and Event Management (SIEM) service that supports Microsoft Sentinel and Splunk Cloud Platform, according to a prepared statement.Managed SIEM simplifies the architecture and deployment of SIEM solutions, Critical Start stated. In doing so, Managed SIEM helps organizations get the most value out of their SIEM investments.Managed SIEM is an add-on to Critical Start's MDR for SIEM offering, the company said. Customers can add Managed SIEM when they purchase Critical Start's MDR service or at any point during their MDR contract term.
What Critical Start's Managed SIEM Service Offers
Managed SIEM "works cohesively with customers' SIEM products to handle the heavy lifting associated with implementation and customization," Critical Start SVP of Product Chris Carlson said. It provides recommendations for log source tuning to lower SIEM ingestion costs. At the same time, the service detects threats across customer environments.Other Managed SIEM features include:- Custom development for customer-specific dashboards, reports and log sources to support security, risk, compliance and audit use cases
- Quarterly service reviews that provide visibility into how customers' SIEM products are performing
- Cost analysis for Microsoft Sentinel, which analyzes billing and ingest costs for Microsoft data sources
- Data source health monitoring that consists of log source performance, availability and capacity monitoring
- Risk reduction reviews based on log sources and detection content to ensure customers can maximize their security coverage under the National Institute of Standards and Technology (NIST) Cybersecurity and MITRE ATT&CK Matrix frameworks.
