Managed SIEM Services

Our Managed SIEM Services are designed to simplify and optimise your in-house security operations. We offer fully managed services for Security Information & Event Management (SIEM), Endpoint Detection & Response (EDR), Network Detection & Response (NDR) and Vulnerability Management.

Let’s face it, managing and tuning a platform is an ongoing, arduous, yet necessary task. SIEM Platform Management removes this burden from your in-house team and leaves the task to our experienced engineers. Having managed SIEM platforms for almost a decade we offer hassle free ongoing support, management, and maintenance of your platform, whether on premise or in the cloud, significantly easing the burden on internal engineering and support teams.

Our dedicated, expert team of detection content developers continually develop threat-relevant content, backed by threat intelligence & measured against SLAs. Our threat detection content is continuously tuned to your environment and mapped to the Kill Chain and MITRE ATT&CK frameworks, through our proprietary Threat Coverage Model. This allows you to understand risks in the context of what matters most to your business. We have been road-testing and fine tuning detection content for almost a decade, you can benefit from the journey we have been on, today.

Managed EDR is a fully managed service that provides the technology, people and processes required to deploy and continuously monitor an endpoint detection and response capability.

Managed EDR offers three levels of service:

1. Essential – where Talion provide enhanced monitoring capabilities around the customer’s endpoint technology.
2. Remediate – where Talion provide enhanced monitoring and automated remediation capabilities using the customer’s endpoint technology. Talion provide this service level for customers who have CrowdStrike Falcon, Microsoft Defender for Endpoint and Carbon Black endpoint solutions.
3. Enterprise– where Talion provide the EDR technology, management, enhanced monitoring, and automated remediation of a CrowdStrike Falcon endpoint solution.

Managed EDR actively mitigates the cyber risks across your endpoint  devices, so you can focus on your core business.

Our Vulnerability Management Service (VMS) is a comprehensive security vulnerability assessment, monitoring, reporting, remediation guidance and management service. VMS can be used to discover and understand the risks of known vulnerabilities in connected servers, network devices, cloud resources and end user devices.

As well as doing network and infrastructure vulnerability scanning VMS can also be used for scanning within various compliance environments such as PCI-DSS, HIPAA, SOX, GDPR and CIS. VMS uses artificial intelligence and data analysis techniques as well as threat information to help customers categorise vulnerabilities and prioritise their remediation activities.

* Ponemon Institue Second Annual Study on the Economics of Security Operations Centres: What is the True Cost for Effective Results? January 2021.