Critical Start, a Top 250 MSSP and managed detection and response (MDR) provider, has released a Managed Security Information and Event Management (SIEM) service that supports Microsoft Sentinel and Splunk Cloud Platform, according to a prepared statement.
Managed SIEM simplifies the architecture and deployment of SIEM solutions, Critical Start stated. In doing so, Managed SIEM helps organizations get the most value out of their SIEM investments.
What Critical Start's Managed SIEM Service Offers
Managed SIEM "works cohesively with customers' SIEM products to handle the heavy lifting associated with implementation and customization," Critical Start SVP of Product Chris Carlson said. It provides recommendations for log source tuning to lower SIEM ingestion costs. At the same time, the service detects threats across customer environments.
Other Managed SIEM features include:
- Custom development for customer-specific dashboards, reports and log sources to support security, risk, compliance and audit use cases
- Quarterly service reviews that provide visibility into how customers' SIEM products are performing
- Cost analysis for Microsoft Sentinel, which analyzes billing and ingest costs for Microsoft data sources
- Data source health monitoring that consists of log source performance, availability and capacity monitoring
- Risk reduction reviews based on log sources and detection content to ensure customers can maximize their security coverage under the National Institute of Standards and Technology (NIST) Cybersecurity and MITRE ATT&CK Matrix frameworks.
Managed SIEM is an add-on to Critical Start's MDR for SIEM offering, the company said. Customers can add Managed SIEM when they purchase Critical Start's MDR service or at any point during their MDR contract term.
Critical Start Adds Funding
The Managed SIEM launch comes after Critical Start in April 2022 secured a $215 investment from private equity firm Vista Equity Partners. Critical Start is using the investment to scale its MDR offerings, the company noted.
Critical Start provides MDR services backed by its Zero Trust Analytics Platform. The company offers a partner program that allows MSSPs and MSPs to integrate endpoint detection and response (EDR) and SIEM capabilities into their security services. It continues to explore expansion opportunities and is looking to grow by 35% by the end of 2022, a company spokesperson told MSSP Alert.