Methodological and effective management of Intrusion Detection and Prevention Systems

Managed Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS) play an integral role in responding to incidents and intrusions. Effective management of IDS/IPS requires a methodological and systematic approach in order to continuously tune, update, patch and configure. Most organisations are facing the following challenges with regards to their IPS/IDS:

• Having the dedicated expertise that ensure IDS/IPS are properly tested and fine-tuned to the relevant environment. This is required to enable appropriate actions and responses to threats.
• Having access to global threat intelligence data to effectively eliminate false positives out of the multitude of alerts that IDS/IPS systems generate.
• Developing and maintaining a clearly documented and actionable approach to treating intelligence stemming from IDS/IPS.

What we offer

Shearwater can analyse your IDS/IPS needs based on technical and business requirements to develop an optimal specification suited to your needs. We also conduct assessments of your existing IDS/IPS infrastructure and its interaction with your network, with an aim of optimising, configuration, and fine tuning deployments to ensure optimal results. We offer:

• Design, provisioning, deployment, configuration, and testing.
• Ongoing management including patching, upgrades, rule changes, change management and signature updates.
• Threat monitoring, classification and response, along with combining alerts from your network with global intelligence information.
• Extensive reporting that provides real-time insights into your organisation’s security posture.
• Level 1,2,3 support and timely incident notification, response, and escalation.
• Backup and recovery.
• Compliance with PCI DSS and other security standards.