Feedback that might be the answer to your questions about SIEM and MSSP

The Managed Security Service Provider (MSSP) and Security Information and Event Management (SIEM) space has a lot more players than it used to, and it leads to confusion, starting with “What are the differences between MSSP and SIEM”?  “How do you know which is the better fit”?  “Is there a way to get the benefits of both”?

We developed our proprietary ProVision solution to provide the best of both; the power of a tool that can use automation to collect logs from a variety of feeds, quickly apply business rules and generate alerts plus a team of trained security professionals to monitor 24/7, validate findings, apply ongoing proactive research and threat intelligence, keep business rules tuned, and communicate regularly with the clients so they have a deeper understanding of their security and the value of this added protection.

For Resellers there are features that we understood would be important, such as multi-tenancy.  If you are offering a solution to your customer base, and want your internal team to be able to use it easily, you want the ability to easily view your customers and any open tickets that they might need your assistance with.  Integration with your ticketing system or at least being able to respond to a ticket via email instead of signing into a ticketing system at all.  Co-branding when you have built a relationship with your customers and don’t want them to feel like you are handing them off to another provider, but wanting to have separation of duties as well as the expertise needed for cybersecurity.

Our Clients have requirements of their own.  Most do not have staff trained in cybersecurity or enough staff to monitor a tool 24/7, yet they want visibility.  They typically have solutions from different manufacturers, and they want log correlation.  They don’t have information on evolving threats that are happening in their business sector or geographic location, so threat intelligence is an important tool.  Speaking of tools, many would love to have the resources needed to fully implement and manage a SIEM, but the licensing cost alone is prohibitive.  Managed firewall services that MSSPs offer can ease the burden on internal staff, but who wants to be locked out of their own firewalls?  What happens if you detect an incident and need help figuring out what to do next?  Does your solution have incident response capabilities that you can actually afford?

These questions are being answered with ProVision.

Recent feedback from Resellers:

• “We have been using (competitors product) but it is too much of a strain on our team with all of the alerts they send us that we need to investigate”
• “We are working with (another MSSP) for some of our clients, but they don’t have a good answer for incident response”
• “A breach response option that SMBs can afford could be a real door opener for us”
• “(MSSP competitor) was too expensive for our SMB clients, so we had stopped offering MSSP services altogether until we found ProVision”
• “We had not been getting off the ground with (SIEM tool) and then our internal resource who brought it in left, so we like your option better where you manage the “tool”.”
• “It’s great that you have monitoring for O365, we are moving all of our clients there”

From Clients:

• “I was pleasantly surprised at the cost.  I thought it was going to be out of my budget after seeing the demo”
• “We love the co-management option for firewalls.  We won’t give up access to our firewalls under any circumstance, but there are times we need help”.
• “We don’t have enough manpower to watch and respond 24/7 to issues, so this is a great solution”
• “Our recent compliance audit requires us to be monitoring 24/7 and we didn’t have any way we could do that internally”.

We’d love to hear your questions and concerns to see if ProVision can address them too.  Contact us (or your Foresite Reseller).