NTS Threat Detection Service | SIEM

The number of cyber-attacks is constantly on the rise due to advancing digitalization, the enlargement of the system environment of a company, trends towards remote work, as well as regulatory requirements such as NIS2. Therefore, it is essential that large businesses as well as SMEs be proactive and invest in their IT security. It is no longer a question of whether you are a target of an attack or not, but rather when. However, the outcome of an attack depends on if protection is existent or not.

It is the primary goal of NTS to support its customers in the area of security in the best possible way. Thus, NTS provides its own Security Operation Center with highly qualified engineers and analysts. NTS DEFENSE covers the security domain with various services. One of these is the Threat Detection Service|SIEM, which identifies threats in real time.

PRECISE MINIMIZING OF DANGERS

With TDS|SIEM, security relevant events are collected, correlated, and analyzed by means of log data. With the help of SIEM use cases (rules for the detection of suspicious behavior) and AI-assisted analysis, suspect behavior is detected and the NTS Defense Analysts are alarmed. The analysts analyze each alarm thoroughly in order to detect an actual threat. If this is the case, the customers are informed about it and supported in their tasks to overcome this incident.

The selection of use cases as well as individual adaptions are developed together with the customer, and it is focused on the biggest risks and threats for their operation. The use cases are continuously adapted and enhanced in the course of this service, in order to ensure optimal detection and to minimize a false positive rate during alarms. For many businesses it is very challenging to fulfill these requirements internally, as a lot of time is needed for the analysis of the alarms. Furthermore, special knowledge and resources are required as well. NTS gladly takes over this responsibility and relieves the IT and security departments of the customers.

YOUR ADVANTAGES AT A GLANCE

• Greater security through early detection of threats
• More than standard: in-depth analyses and comprehensive support
• 24×7 available highly qualified security analysts
• Dedicated customer analysts as a Single Point of Contact
• Full transparency thanks to access possibilities onto the NTS Defense platform
• Usage of the Data Analytics system even for non-security relevant data – no security silo
• Implementation of custom use cases that are tailor-made to the customer

CONTINUOUS DEVELOPMENT INSTEAD OF STAGNATION

The service is continuously developed in close collaboration with the customer. Whether it is the integration of new data sources, platform updates, or the implementation of additional use cases, the service is constantly adapted to new requirements and increasingly complex threat scenarios.

Through regular jour fixe meetings and structured reports, NTS acts proactively, identifies current strengths and weaknesses, and thus supports the sustainable optimization of the security posture.

CLOUD OR ON-PREM

The service is available both as a Cloud-based solution and on-premises. From NTS’s point of view, the on-premises version is usually recommended, as it offers the complete range of functions for the NTS Defense Platform. It is implemented directly at the customer’s site with all required components and can be flexibly and future-proofly scaled as needed.

From the first briefing all the way to the ongoing operation: NTS accompanies customers every step of the way and supports them with the best expertise.

NTS DEFENSE PLATFORM

The architecture of the NTS Defense Platform ensures that all data remains within the company. This not only provides security-related advantages but also supports compliance with legal and regulatory requirements. Thanks to seamless integration into the existing IT environment, no isolated security silo is created. As a result, the collected data can also be used for other areas such as IT operations or business intelligence. NTS takes over the complete operation of the platform, including vulnerability management and maintenance.

For customers or use cases where a Cloud solution is preferred, NTS offers an equally powerful alternative. For this, NTS can provide a secure and tailor-made service of equivalent quality.

COVERAGE OF THE IT-INFRASTRUCTURE

A further essential advantage of this service is the high proportion of the digital customer environment that can be covered. All these systems, from Cloudcomponents and applications all the way to a wide variety of databases, can be integrated into the SIEM. Thus, they can permanently be monitored for threats.

By implementing custom use cases, the customer is also provided with protection against threats that is specifically tailored to their operations.

SECURITY PORTFOLIO

TDS | SIEM forms the core of the NTS Defense service portfolio. In addition, NTS offers a range of specialized services, such as the NTS Incident Response Service, which provides customers with targeted support from an experienced expert team in the event of an actual security incident. This ensures a rapid and competent response even in critical situations.

NTS AS A SERVICE

All NTS Defense Services are also available in an as-a-service model. Thereby, licenses, hardware, implementation, ongoing operation as well as continuous development are offered as a complete package for a monthly fee. This model allows customers to avoid high initial investments and instead plan costs over a defined period, exactly in line with OPEX rather than CAPEX.