Correlation Services

IDRGroup’s robust MSS solution, when used as part of a defense in depth strategy, correlates logs from various devices within your network, with its own analysis process, to gain greater context and understanding of a potential attack.

What kind of data can be collected and analyzed?

"Big Data"

Do you already use a log management system for consolidation of your log files? No problem. Simply run your consolidated log data through our powerful correlation engine to realize the full potential of your investment, without costly development efforts.

Firewall Logs

Firewalls are one of the most fundamental and widely installed security devices. For an experienced analyst, firewall logs are a treasure trove of information as they are a primary indicator of compromised platforms inside your network.

Web Server Logs

Web servers are frequently the most vulnerable devices on your network. As such, web servers must be monitored very closely. A strong monitoring strategy includes correlation of these logs to identify attacks on web-based applications.

Web Proxy Logs

Many enterprise environments have web proxies deployed, requiring users to pass through them to get to the internet. These logs provide information that helps not only identify active attacks, but also platforms and systems vulnerable to targeted exploits.

When used in conjunction with the Managed Security Service (MSS), theCorrelation Service allows the consolidation of security data from a wide variety of sources to give an even better overview of the current state of your security mechanisms and controls.

IDRGroup’s robust MSS solution, when used as part of a defense in depth strategy, correlates logs from various devices within your network, with its own analysis process, to gain greater context and understanding of a potential attack.

While there are plenty of technology options that provide effective visibility on the security of your network, no amount of devices can replace the critical value provided by an experienced cybersecurity analyst. Unfortunately, many small to medium businesses lack the resources to monitor the thousands of events these devices produce on a daily basis. Experienced analysts are needed to identify the real, actionable threats to your business. IDRGroup provides these analysts at a fraction of the costs to employ such high demand expertise yourself!