ClearSkies™ Professional Services
A Complete set of Services
Make the most out of your ClearSkies™
ClearSkies™ Professional Services provide a complete set of services revolving around the ClearSkies™ Threat Detection, Investigation & Response (TDIR) Platform .
These services help you to successfully implement and improve your organizational security posture while using ClearSkies™ products. Specifically, with ClearSkies™ Professional Services, our experts help with the design, implementation, configuration, optimization and training needed to get the most out of ClearSkies™ products.
ClearSkies™ Implementation Services
Installation and Initial Configuration
The initial planning and design of your SIEM implementation based on the parameters of your digital ecosystem is vital to how effective your SIEM ends up being.
Installation and initial configuration services help you with the planning, design, implementation and configuration of ClearSkies™ products.
What you get
- ClearSkies™ iCollector™ sizing
- Definition of required resources
- Analysis of your network architecture
- Recommendations as to where the iCollector™ should ideally be connected
- Definition of network access communication and access rights for successful redundancy
Onboarding of In-Scope Assets
The assets to be onboarded on your SIEM implementation must be carefully chosen among the numerous assets in your company.
Onboarding of In-Scope Assets services help you configure ClearSkies™ SIEM to collect and analyze Log and Event data from your digital assets, based on your Information Security and compliance needs.
What you get
- Analysis and understanding of your network and security infrastructure
- Optimal selection of devices to be included in in-scope asset list
- Configuration guides and step-by-step instructions for device configurations
- Optimization of the devices’ logging configuration
- Verification of the connectivity and the reception of log and event data
- Information gathering for SOC monitoring
ClearSkies™ Configuration Services
Implementation of Incident Escalation Process and Flows
The proper design of Incident escalation flows, Incident Handlers role permissions, asset assignments and asset grouping, ensures the effective handling of security incidents.
Implementation of Incident Escalation Process and Flows services help you design and implement an effective incident escalation process and incident escalation paths for a successful incident management process.
What you get
- Effective handling of security incidents
- Proper understanding of the tasks of each user role
- Definition of an optimal incident escalation process
- Timely incident resolution, as per the defined SLA
- Users assigned relevant user roles as they engage in the incident management process (Incident Handler, Escalation Engineer, Chief Security Offices, Auditor etc.
ClearSkies™ Optimization Services
ClearSkies™ Effectiveness Assessment
Your SIEM environment needs to be regularly reviewed to ensure long-term sustainability and effectiveness.
ClearSkies™ Effectiveness Assessment services provide a comprehensive review of your ClearSkies™ environment to make sure that your SIEM deployment stays sustainable, stable and ready to scale.
What you get
- Identification of performance issues and risks
- Configuration of ClearSkies™ as per best practices
- Configuration review of the Configuration Wizard, Threat Intelligence, Endpoint Management, UEBA and other key ServiceModules
- Identification of misconfigured ServiceModules and proper configuration
- Reviewing implemented use-cases and playbooks
- Reviewing of implemented flows and escalation procedures
- Testing the alert mechanisms and escalation processes with emulating attacks
ClearSkies™ Endpoint Policy Configuration
Endpoints are still your organization’s weakest security link, being the target of choice for seasoned cybercriminals to disrupt your business operations, steal your valuable data and damage your brand reputation.
ClearSkies™ Endpoint Policy services help you to properly configure the ClearSkies™ Endpoint ServiceModule, which provides a platform for you to control the log and event data collection, monitoring and control all ClearSkies™ Endpoint features.
What you get
- Strategy design on the policy configuration of the Endpoints
- Endpoints’ update to the latest version
- Policy configuration and making the most out of the product
ClearSkies™ Log & Event Collection Optimization
Configuration optimization of your security and systems produces the data required for the security monitoring processes.
ClearSkies™ Log & Event Collection Optimization services review the current configuration of your security and system devices. They also analyze the log and event data produced by the devices and collected by ClearSkies™ SIEM, providing suggestions to improve logging.
Benefits
- Reduction of false-positive alerts
- Ensuring that valuable log and event data are produced by the devices and collected by the SIEM
- Ensuring that devices are not sending unnecessary log and event data
- Elimination of the performance impact on the device producing unnecessary log and event data
- Elimination of the resources impact on the ClearSkies™ iCollector™
ClearSkies™ Security Use Case Modelling and Adoption
Aligning compliance with your business needs and risk priorities is an important step towards successful security optimization.
ClearSkies™ Security Use Case Modelling and Adoption services help you analyze regulatory compliance requirements to design the approach by which to configure your SIEM.
Benefits
- Definition of the use-cases that will be implemented on ClearSkies™ SIEM
- Definition of the playbook flows
- Definition of the correlation of the log and event data
- Definition of alert escalation paths to an incident.
- Analysis of regulatory compliance requirements
- Definition of the best possible avenues towards alert notifications
- Translating the requirements into scenarios and configure the scenarios as ClearSkies™ Correlation Rules
ClearSkies™ Training Services
ClearSkies™ Risk Management and Compliance Officer
Risk Management and Compliance Officers monitoring the risk appetite of your organization, create the necessary reports to assist in meeting the compliance regulatory requirements, and audit your overall organization security.
ClearSkies™ Risk Management and Compliance Officer services provide detailed training on the ClearSkies™ ServiceModules that assist your Risk Management and Compliance Officer in their daily activities as well as making sure that they utilize the platform to gain valuable insights.
What you get
- Training in administrating the Compliance ServiceModule
- Training in the auditing of the Incident management process
- Training in reviewing the Cyber Risk exposure report, and taking necessary measures regarding the insights gain out of those statistics.
- Tapping into the insightful tacit knowledge of the experts who designed the products
- Customer-focused training on the specific ServiceModules
- Inside-out knowledge of the ClearSkies™ environment
- Understanding of your needs, enabling your Risk Management and Compliance Officer to escalate matters internally
ClearSkies™ Security Analyst
Security Analysts are the backbone of your SIEM management and security monitoring operations.
ClearSkies™ Security Analyst services provide detailed training on all aspects of the ClearSkies™ Secure Web Portal (SWP), the ClearSkies™ central management console.
Security Analysts are able to administer all ServiceModules of ClearSkies™, create users, enable notifications, run the Configuration Wizard, perform configuration changes on assets, manage incidents and review alerts and log data via the ClearSkies™ Secure Web Portal (SWP).
What you get
- Expertise in the administration of all ServiceModules of the ClearSkies™ Secure Web Portal (SWP)
- Ability to perform advanced configurations of the various modules
- Training from the team that knows the product inside and out
- Complete training on all features and capabilities of ClearSkies™ products
- Customer-focused training on the specific ServiceModules that help Security Analysts in their daily tasks
- Ability to answer specific questions to assist in Security Analysts in their environment and job roles
- Understanding of your needs to be able to review log and event data, escalate alerts and manage incidents internally
Request a callback
Are ClearSkies™ Professional Services for you?
Schedule a callback from one of our qualified representatives to discover the value you can get from ClearSkies™ Professional Services.