Security information and event management (SIEM) and/or Log Management
SIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network hardware and applications.
Endpoint Detection and Response (EDR)
EDR solutions record and store endpoint-system-level behaviors, use various data analytics techniques to detect suspicious system behavior, provide contextual information, block malicious activity, and provide remediation suggestions to restore affected systems.
Security Operations Center as a Service (SOCaaS) and/or Managed Detection and Response (MDR)
SOCaaS is a subscription or software-based service that manages and monitors your logs, devices, clouds, network and assets for internal IT teams.
MDR is an advanced managed security service that provides threat intelligence, threat hunting, security monitoring, incident analysis, and incident response. This differs from traditional managed security service providers (MSSPs), which only provide alerts from security monitoring.
User and Entity Behavior Analytics (UEBA)
UEBA solutions use analytics to build the standard profiles and behaviors of users and entities (hosts, applications, network traffic, and data repositories) across time and peer group horizons. Activity that is anomalous to these standard baselines is presented as suspicious, and packaged analytics applied on these anomalies can help discover threats and potential incidents. The most common use cases sought by enterprises are detecting malicious insiders and external attackers infiltrating their organizations (compromised insiders).
Network Vulnerability Assessment and/or Penetration Test
A network vulnerability assessment is a process of reviewing and analyzing a computer network for possible security vulnerabilities and loopholes. It is used by network administrators to evaluate the security architecture and defense of a network against possible vulnerabilities and threats.
Dark Web Monitoring
Dark Web Monitoring, also known as cyber monitoring, is an identity theft prevention product that enables you to monitor your identity information on the dark web, and receive notifications if your information is found online.