Services

 





ArcSight Services


ArcSight Managed Solution

click here for more information


Managed Log Reporting

click here for more information


ArcSight Consulting Services are the perfect choice for current ArcSight customers who want to improve the return on investment for their existing SIEM solution. Castle Ventures, a certified ArcSight Professional Services Partner, is a consulting firm whose mission is to help companies defend against information technology security threats to their critical data and infrastructure.


Content Development

  1. Create filters, rules, lists, data monitors and dashboards that are tailored to your environment.

  2. Assist with the configuration, deployment, and customization of ArcSight standard content and packages.


Custom Reports

  1. Create filters, queries, templates, reports, trend reports to help you manage your security operations and support your business users.


SmartConnector Deployment and Configuration

  1. We can take over deployment and configuration of all ArcSight support connectors.


FlexConnector Development

  1. Develop and deploy flex connectors for those data sources where a SmartConnector does not exist.


Upgrade Assistance

  1. We will work with you to install packages, service packs, and ArcSight upgrades.


Asset and Network Modeling

  1. Develop a proper Network Model and with a strategy to categorize your assets (one of the most important features in ArcSight is the Network Model)


  1. Incident Investigation

  2. Assistance and training to effectively use the ArcSight solution to investigate unusual and malicious activity.


Automation

  1. Help with automation of report delivery, notifications, and rule development and incident response. 

  2. Integrate with tools such as ForeScout CounterACT, Lancope’s StealthWatch, and Invincea’s Threat Data Server.



Security Assessments


Castle Ventures provides a review of your current security status, identifying strengths and weaknesses with your infrastructure.  We use a proprietary methodology, automated testing tools, and manual reviews to identify vulnerabilities, inappropriate configurations, validate existing controls, prioritize high-risk vulnerabilities, and provide a detailed roadmap to remediate your network to reduce the risk of your systems being compromised.


Security Architecture

We help clients develop a comprehensive security architecture that identifies threats, classifies data and assets, and provides a roadmap for protecting, monitoring, and reacting to security threats.




Varonis


We are a full service Varonis partner with the following offerings:


•Varonis Training: Castle Ventures provides training on the full Varonis suite of products. The training is customized to utilize use cases within your environment to generate lasting value from the learning experience.

•Server Security Roadmap: Using our roadmap to improve server security we will review your current server security programs and policies and utilizing best practices implement a program that moves towards a Least Privilege model.

•Security Architecture for Unstructured Data: We will develop a security model for your file servers taking full advantage of the Varonis solutions.

•Data Ownership Program: We will work with you to put in place a program to assign owners to server data and involve the rightful business owners in the review of access provisions.

•Global Group Remediation: Castle Ventures processes and automated scripts are used with Varonis to identify and remediate servers that have overly permissive folders (The Everyone Problem).  This will promote a Least Privilege model.

•Entitlement Review Program: We will review your compliance and business requirements to develop an entitlement review process that ensures that the appropriate business users are involved in the access control approval process and standards are met.