More than 85 percent of Vigilant's new customers who made previous investments in SIEM products have said they were frustrated with the results. For companies to achieve the full potential of SIEM, they need both the highly skilled technical resources to manage the precise, granular configuration of the SIEM itself, as well as the programmatic guidance needed to ensure alignment with larger IT risk management objectives. Unfortunately, in today's economy, few companies can afford the skills and human resources needed to execute this properly without some outside help. Most also cannot afford to undertake massive professional services engagements that don't deliver immediate results. With six years of specialization in SIEM product deployments, Vigilant has built the Fulcrum Framework to capture field-tested best practices so that effective SIEM solutions, tailored to the particular requirements of each customer, can be delivered faster and with higher-quality results.
The Fulcrum Framework has search features which associate the ISO 27002 security standard, various industry-specific standards and government regulations with detailed, pre-built SIEM configurations needed to achieve compliance and other security program objectives. It provides technical guidance on SIEM within the context of the company's larger IT risk management program.
"This is a great approach," says Bill Edwards, former chief security officer (CSO) at a leading online brokerage firm and member of Vigilant's advisory board. "It enables companies to easily and accurately accomplish the fundamentals of SIEM deployment so they can more quickly focus on building the advanced capabilities necessary to proactively detect threats to critical applications and data in real time. When you're protecting what's really important to your business, you've got more than a security operations tool " you've got a business tool. Vigilant's Fulcrum Framework helps bring those worlds together."
The Fulcrum Framework, which supports SIEM offerings by several leading product vendors, is an underpinning of both Vigilant's on-site SIEM integration services, as well as its remotely delivered "co-sourcing" offering, a managed service that helps customers achieve ongoing configuration of SIEM at a fraction of the cost of on-site services. Vigilant's co-sourcing services also offer security risk and maturity metrics and reporting, which are enabled by features of the Fulcrum Framework.
"The Fulcrum Framework addresses the basic 'Catch-22' of SIEM technologies," said Joe Magee, CTO, Vigilant. "The rich capabilities of SIEM can enable IT teams to take security management to a whole new level " both in terms of staff efficiency and actual effectiveness in detecting security threats and achieving compliance. While many people expect key capabilities to be ready-made in the products, in reality it takes a lot of development time. Clients often find themselves burning precious hours managing the SIEM technology rather than addressing security incidents. Our Framework gives clients back those hours, enabling them to focus on operational efficiency and threat response."
About Vigilant Vigilant LLC provides on-site and managed services that help IT security teams better defend and enable today's dynamic business by refining and extending the security information and event management infrastructure. The company's pragmatic approach solves today's urgent security problems, while enabling rapid progress toward longer-term security program objectives. Vigilant empowers customers to more efficiently respond to shifting threats, achieve regulatory compliance, prioritize protection of services that drive revenue and competitive advantage, and measure progress of the overall IT risk management program. Founded in 2003, Vigilant is headquartered in New York and serves a wide range of global and regional organizations whose mission requires them to secure highly sensitive and regulated services.