November 12, 2019
COLUMBIA, Md. – Oct. 11, 2017— EventTracker, a leader in security information and event management (SIEM), today announced that the EventTracker Control Center (ECC), EventTracker’s security operations center (SOC) has been audited and formally certified as compliant with ISO/IEC 27001:2013. EventTracker was also validated as a Payment Card Industry (PCI) Data Security Standard (DSS) Service Provider.
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
A PCI DSS Service Provider is defined as “a business entity that is not a payment brand, directly involved in the processing, storage, or transmission of cardholder data on behalf of another entity.” PCI DSS compliance lets organizations have peace of mind knowing that their security provider is up to industry standards. The certification strengthens the relationship between company and customer by emphasizing how important data security is to the company.
EventTracker’s parent company, Netsurion, a managed security services provider for multi-location businesses, also uses the ECC for its advanced threat protection solution. Both companies already have a firm foothold in the PCI community, with Global CISO John Christly serving on the PCI Security Standards Council (SSC), plus the council’s Cloud Special Interest Group and PCI SSC Small Merchant Task Force.
“These two certifications further emphasize EventTracker’s strong commitment to providing the highest levels of security to enterprises that cannot do it all on their own. The ECC offers 24/7 remote administration and analytics of SIEM alerts to supplement companies’ internal teams,” said A. N. Ananth, EventTracker’s CEO. “Technology alone is about 15 percent of the solution. Expert analysts and robust, disciplined, and documented processes are the remaining 85 percent. We are proud that our SOC has met these top security provider requirements and can continue its excellent work in protecting our customers.”
The purpose of the ECC is to deliver the SIEMphonic comprehensive managed security service, based on the award-winning EventTracker platform, which includes SIEM, behavior analysis, intrusion detection, vulnerability assessment, threat intelligence, and honeynet deception technology, implemented either on-premises or in the cloud. The ECC provides:
- Administration: Check EventTracker diagnostics, confirm threat intelligence feeds security and compliance content updates, configuration and health check, check for non-reporting systems
- Analysis: Threat and alert monitoring, incident analysis and investigation, report review, behavior and anomaly analysis. Summary of observations prepared and shared
- Compliance: Reports annotation to demonstrate regulatory compliance
- Tuning: Expert services such as advanced tuning/rules for behavior analysis, correlation, and incident investigation/forensics
For more information on the Co-managed SIEM, visit https://www.netsurion.com/capabilities/co-managed-siem
Netsurion® delivers an adaptive managed security solution that integrates our XDR platform with your existing security investments and technology stack, easily scaling to fit your business needs. Netsurion’s managed offering includes our 24×7 SOC that operates as your trusted cybersecurity partner, working closely with your IT team to strengthen your cybersecurity posture. Our solution delivers Managed Threat Protection so you can confidently focus on your core business.
Headquartered in Ft. Lauderdale, FL with a global team of security analysts and engineers, Netsurion is a leader in Managed Extended Detection & Response (MXDR). Learn more at netsurion.com.
Montner Tech PR