There are quite a few rumors floating out there about managed security services, and we're here to set the record straight.
How can a Managed Security Services know my business? Only someone full time will understand.
Similar to RedLegg's co-managed SIEM service, as a Managed Security Services Customer, you are assigned a Tier 1, 2 and 3 engineer which includes a Security Architect.
It is their job to know your company and your business and how it will operate.
Will it take time? Yes, it will take a month or so to understand your business and to tune everything to your needs and desires. Best rest assured, they will know your business.
If I go with Managed Security Services, I am sharing resources with 3240823438 other customers. It is not just about me.
It is true that Tier 1, 2 and 3 engineers will have a few other customers. But this is good for your business.
The Managed Security Services team is using knowledge from other experiences and applying it to your environment when needed.
These Managed Security Services companies mainly hire lower-end security service engineers who just respond to general threats and just respond and detect to those basic threats.
Good gosh, no! General security threats are the majority that are out there.
Yes, those will be reported as need be by company requirements but it is not only general security threats. Alerts are documented and maintained. This is essential.
With the tiered staffing model escalations are easily made to your security architect as well as pivoted to different groups such as governance and compliance and threat intel teams as needed.
Additional tools and resources that are not traditionally used by a company are used in special cases as needed to gather more intel and discovery.
That being said, we recommend you review the SIEM service data sheet below that compares fully-managed vs co-managed SIEM. You might be surprised by what you find!
Read more about what co-managed SIEM is, the effort difference between in-house and co-managed SIEM, or see how co-managed SIEM can lead to better security operations for your team.