Custom Security Intelligence/Alerting Services
In a world increasingly awash in viruses, security threats, and vulnerabilities, savvy professionals quickly realize that it’s a real job to winnow out the security information that’s relevant to an organization from the vast collection of other stuff that’s likely to arrive across their transoms. Scientists like to call this task data reduction, which is a fancy term for filtering out irrelevant information and compiling only the stuff that counts. Stated in the form of a question, this activity might be summarized as “Wouldn’t it be convenient if I could only get the security news, information, alarms, alerts, and updates I care about, and not even hear anything about the rest of that material?”
As it happens, this would be convenient indeed–so convenient, in fact, that there’s an emerging service market springing up around this concept. It begins with a security audit and inventory of an organization’s systems, security devices, software, operating systems, and so forth. Since this is standard operating procedure for any serious security work, it’s merely an added bonus that this same information can also be used to develop organization profiles to define what’s in use–and hence, to select all the related news, information, alerts, bulletins, and so forth that are guaranteed to be of interest for delivery to security or other interested IT professionals within the target organization.
That’s why it shouldn’t be a big surprise that managed security services providers, and other information security companies of all kinds, are starting to offer information screening services. Those customers for whom they’ve already amassed the kind of profile data necessary to screen out what’s not relevant, and send them only what’s of interest, are surprisingly willing to pay for such services in the interests of maximizing employee productivity and minimizing the time necessary to acquire, digest, and act on critical alerts, bulletins, and updates. It’s also a peachy opportunity to maintain an ongoing customer relationship, and to offer consulting services, deployment assistance, training, and help organizations fill other gaps in their security infrastructures and knowledge bases as they’re discovered.
Among the many companies now offering such services, consider the following:
- TruSecure’s TruIntelligence Security Knowledge Network and IntelliShield Alert Manager service combine to provide filtered alert data, backed up by research on repairs, mitigations, workarounds, and so forth.
- Symantec’s Security Management Systems consist of numerous modules that include incident management, event management (anti-virus), security policy compliance management, and more. These are augmented by the company’s DeepSight early warning solutions, which include alert services, a security analyzer, and threat management services.
Interested readers can find dozens more similar offerings online using search strings like “information security intelligence,” “custom security alerts,” and so forth. Prediction: this is a service niche that is going no place but up!