Security Incident and Event (SIEM) Managed Services

NTG’s Managed Security Service is a consolidated Security Information and Event Management (SIEM) solution providing a bird’s eye view of your IT infrastructure that monitors your system for security threats and anomalies 24/7/365. It fulfills two main objectives: (1) detecting in (near) real-time security incidents, and (2) efficiently managing logs. From a high-level point of view, NTG’s SIEM collects information (e.g., logs, events, flows) from various devices on the network, correlates and analyzes the data to detect incidents and abnormal patterns of activity, and, finally, stores the information for later use (reporting, behavior profiling, etc.). Not only does our SIEM solution provide real-time threat analysis but also in-depth monthly reporting to provide our customers with a true risk management plan.

NTG’s SIEM solution will help your organization:

  • Discover internal/external threats.
  • Monitor (privileged) user activity and access to resources
  • Provide compliance reporting
  • Support incident response
  • Maintenance and support of the AlienVault SIEM solution

NTG's SIEM solution is supported by our specialized server which, when installed in our client's network, provides our tools with secure access to monitor and backup network device configurations and provide continuous availability in monitoring. Tracking device configurations allows NTG to immediately identify configuration changes that may be related to an incident and when appropriate, restore the previous configuration to restore functionality.

NTG prides ourselves on providing a holistic, proactive approach toward Security Information and Event Management that is built around NTG’s Infinity Security Pillars.

NTG’s Security Pillars:


  • Log Collection
  • OTX Threat Data
  • SIEM Event Correlation
  • Incident Response

Asset Discovery

  • Active Network Scanning
  • Passive Network Scanning
  • Asset Inventory
  • Software Inventory

Vulnerability Assessment

  • Continuous Vulnerability Monitoring
  • Authenticated / Unauthenticated Active Scanning

Threat Detection

  • Network IDS (NIDS)
  • Host IDS (HIDS)
  • File Integrity Monitoring (FIM)

Behavioral Monitoring

  • Netflow Analysis
  • Service Availability Monitoring

Forensics and Recovery

  • Device Availability
  • Device Configuration Changes

Are You Protected?

Did you know?

  • In 2016 22% of companies that experienced a security breach lost customers and 29% lost revenue.
  • 80% of cyber breaches last more than one hour; that’s time your and your customer’s data is being exploited.
  • 44% of alerts are never investigated and over 50% of legitimate threats are not remediated with many threats going unnoticed, and not addressed, indefinitely.

*Source: view source PDF