
LogRhythm and Getronics partner for comprehensive new SOC solution

December 2020 by Marc Jacob

LogRhythm and Getronics have announced a further commitment to their partnership, under which LogRhythm's SIEM solution is integrated into Getronics' managed security offerings globally.

The formal partnership allows the companies to tightly integrate LogRhythm's SIEM solution (winner of Best SIEM Solution at the SC Awards Europe 2020) with Getronics' data processing and storage, which is located in the EU and meets GDPR requirements. The standard Getronics offering is a cost-efficient, multi-tenant service running on dedicated cloud infrastructure; on-premises deployments are available for clients with specific needs.

Getronics' security operations centre in Barcelona is underpinned by LogRhythm's collection, parsing, processing and long-term storage of logs from a wide range of sources, with built-in support for over 850 log source types (Windows, Linux, syslog, cloud services and network flow data among them) and the option to write custom parsers for anything not covered.

LogRhythm's Machine Data Intelligence framework, with over 600,000 normalisation rules, provides scale and efficiency. To feed it, Getronics has developed a Configuration Management Framework that maps the full lifecycle requirements for log generation, collection and processing in a way that is both effective and cost-conscious.

In turn, the output of rule-based processing identifies specific security events and raises alarms according to Getronics' MITRE ATT&CK-based detection playbook. This reduces a data lake of billions of log entries to a manageable number of alarms, which are then enriched with threat intelligence and worked by dedicated security analysts.

The same output provides the insight needed to report against a wide range of compliance frameworks, including Getronics' advanced ISO 27001 report, which gives both top-level control outcome summaries and granular drill-down into individual control data with analyst findings.

The combination of Getronics' 24x7 security services and the LogRhythm platform gives customers the assurance that their environments are continually monitored by a team of experts using current toolsets. Investment in the platform and the people is managed by Getronics, reducing capital outlay and removing the recruitment and retention headache of employing security staff, thereby delivering a fully managed SIEM service.

The service is designed so that false-positive alarms are rapidly eliminated; the remaining investigations are raised as cases in LogRhythm's integrated case management, with the relevant logs and analyst findings attached in an evidence locker. Dedicated incident handlers then apply pre-planned courses of action, adapted to the client's context as required, to rapidly contain, mitigate and eradicate any breach.

Security orchestration and automated response is provided through LogRhythm's SmartResponse functionality, which supports both automatic scripted responses triggered at machine speed by alarms and optional scripted responses that an analyst or incident handler triggers manually. As a general practice, fully automatic actions are best reserved for high-confidence alarms with reversible effects; anything that isolates a host or disables an account usually belongs on the manually triggered path.

The solution includes an option for network traffic analysis, with full packet capture and layer 2-7 deep packet inspection that automatically identifies over 3,500 applications, fully integrated with the SIEM. This supports network detection and forensics ranging from identification of unwanted traffic such as BitTorrent, through file reconstruction that shows exactly what a user sent or received, to spotting attacker techniques such as PowerShell reverse shells.
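To make the pipeline described above concrete (rule-based processing over normalised logs, alarms tagged with MITRE ATT&CK technique IDs, and the matching raw lines attached as evidence, with a PowerShell reverse shell caught from a process-creation event rather than from packet capture), the following Python is an added example written for this page. It is not LogRhythm's or Getronics' rule syntax, parser or playbook. The log format, hostnames, IP addresses, event IDs, regexes and the brute-force threshold are all constructed for illustration.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample log lines (not real Getronics/LogRhythm data). Hosts and
# IPs are placeholders; the key=value layout is an assumption for this example.
SAMPLE_LOGS = [
    '2020-12-01T10:00:01Z host=WS01 source=winevent EventID=4688 User=alice '
    'CommandLine="powershell.exe -nop -w hidden -c $c=New-Object '
    'System.Net.Sockets.TCPClient(\'203.0.113.5\',4444)"',
    '2020-12-01T10:00:02Z host=WS01 source=winevent EventID=4688 User=alice '
    'CommandLine="notepad.exe C:\\notes.txt"',
] + [
    f'2020-12-01T10:01:{i:02d}Z host=srv1 source=syslog sshd[123]: Failed password '
    f'for root from 198.51.100.7 port 5{i:04d} ssh2'
    for i in range(6)
]

@dataclass
class Alarm:
    rule: str
    technique: str        # MITRE ATT&CK technique ID the rule maps to
    host: str
    evidence: list = field(default_factory=list)  # raw lines kept for the case

# Parsers for the two constructed source types (the "normalisation" step).
WINEVENT_RE = re.compile(
    r'^(?P<ts>\S+) host=(?P<host>\S+) source=winevent EventID=(?P<eid>\d+) '
    r'User=(?P<user>\S+) CommandLine="(?P<cmd>.*)"$')
SSH_FAIL_RE = re.compile(
    r'^(?P<ts>\S+) host=(?P<host>\S+) source=syslog sshd\[\d+\]: Failed password '
    r'for (?P<user>\S+) from (?P<src>\S+) port \d+ ssh2$')

# Indicator of a PowerShell reverse shell: the interpreter plus an outbound raw
# TCP socket in the same command line. Flags like -w hidden raise confidence
# but are deliberately not required, since attackers drop them.
REVSHELL_RE = re.compile(r'powershell(\.exe)?.*System\.Net\.Sockets\.TCPClient', re.I)

BRUTE_FORCE_THRESHOLD = 5   # failed logins per (host, source IP); assumed value

def parse(line):
    """Normalise one raw line into a dict with a 'type' field, or None if unparsed."""
    m = WINEVENT_RE.match(line)
    if m:
        return {"type": "process", "raw": line, **m.groupdict()}
    m = SSH_FAIL_RE.match(line)
    if m:
        return {"type": "auth_fail", "raw": line, **m.groupdict()}
    return None

def detect(lines):
    """Run both rules over the parsed events and return ATT&CK-tagged alarms.

    The brute-force rule counts failures per (host, source IP) over the whole
    input; a production rule would additionally window on time.
    """
    alarms = []
    fails = defaultdict(list)
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue          # unparsed lines are dropped, not alarmed on
        if ev["type"] == "process" and ev["eid"] == "4688" and REVSHELL_RE.search(ev["cmd"]):
            alarms.append(Alarm("PowerShell reverse shell", "T1059.001", ev["host"], [ev["raw"]]))
        elif ev["type"] == "auth_fail":
            fails[(ev["host"], ev["src"])].append(ev)
    for (host, src), evs in fails.items():
        if len(evs) >= BRUTE_FORCE_THRESHOLD:
            alarms.append(Alarm(f"SSH brute force from {src}", "T1110", host,
                                [e["raw"] for e in evs]))
    return alarms

if __name__ == "__main__":
    for a in detect(SAMPLE_LOGS):
        print(f"[{a.technique}] {a.host}: {a.rule} ({len(a.evidence)} log lines attached)")
```

Run as-is, the block raises two alarms from the eight constructed lines: one T1059.001 alarm for the single reverse-shell command line on WS01 and one T1110 alarm for the six failed root logins on srv1, each carrying the raw lines an analyst would expect to find attached to the case. The benign notepad.exe event and any unparseable line produce nothing, which is the reduction from log volume to alarm count the text describes.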
