Not all incidents can be prevented. When incidents occur, responding to them is essential for mitigating the risk they represent, and this response can be expensive. The cost to create, research, and close an incident is something that organizations work hard to manage well. In a 2007 study by the Aberdeen Group called Sustaining Compliance, Derek Brink describes the best practices of companies that use log management, security information management and security event management as enabling technology to decrease the number of security-related and compliance-related incidents.

Security Event Management and Incident Response

Security metrics, used to measure an organization’s effectiveness in responding to incidents, include these key performance indicators:

  • Number of incidents created
  • Percentage change in incident count as related to events, alerts, and user counts
  • Cost of incident resolution
  • Mean time to incident response
  • Time to incident response as a function of incident count and security staff counts

One Size Doesn’t Have to Fit All When It Comes to Security Event Management

Organizations vary in security event management maturity, purchasing power and size. Intellitactics offers a full range of flexible software and appliance products for every organization. You choose a feature-rich solution for incident response that meets your budgetary constraints and your organization’s capabilities for implementation.

Intellitactics™ Security Manager (ISM) or Intellitactics™ SAFE LP are used to accelerate reliable incident declaration, rapid investigation and response by providing functionality for several steps in the incident management process:

  • Simplify pre-incident investigation and research
  • Automate threat prioritization by ranking security alerts using risk-relevant scoring
  • Automate the elevation of an alert to an incident
  • Automate notification of a security incident to other IT resources via trouble ticketing
  • Provide secure access to consolidated, known information about events leading up to the declaration of an incident
  • Facilitate integration with other security management products to accelerate response

Intellitactics SAM, a management dashboard, extrapolates the security information stored in the SDW and automatically generates measures of the key performance indicators for incident response.
