Managed security services

With Managed Security Services, a provider monitors and manages security devices and systems for you. The following services are available to state and local government agencies and education institutions in Georgia.

Security Information and Event Management

SIEM delivers comprehensive cross-enterprise protection by unifying event management and incident management across towers on a common platform. This service provides contextual and actionable surveillance across the IT infrastructure, helping organizations detect and remediate threats, which can include inappropriate use of applications, insider fraud and theft, and advanced, “low and slow” threats that can be easily lost in the “noise” of millions of events.

Incident Response and Remediation

Responding to a breach in the most effective way possible limits the amount of damage that can potentially be done to the target agency. Incidents categorized as requiring further investigation are analyzed in more depth. The organization will be notified of the incident and provided with data to mitigate the threat and associated risk by implementing suitable countermeasures.

Intrusion Detection and Prevention

This security component eliminates malicious packets, alerts security personnel to potential intrusions, and blocks suspicious traffic. The Security Operations Center (SOC) manages incidents throughout the event lifecycle from detection to resolution, working with organizations on security response processes.

Penetration Testing

This service involves an authorized, simulated cyberattack on a computer system that’s performed to evaluate the system’s security.

Security Device Management

This service covers firewall devices, IPS devices, IDS devices, UTM devices, VPN appliances, web proxy appliances, and load balancer appliances. Devices and appliances are remotely accessed, managed, and monitored for availability and system health over a dedicated network.

Vulnerability Scanning

This service provides organizations with in-depth scanning to detect threats and vulnerabilities, and it uses a combination of scanners and sensors to ensure maximum scanning coverage. Integrated service delivery across security and IT operations ensures the remediation of any detected problems.

Endpoint Protection

As cloud-to-endpoint activity increases, the vulnerability to malware on endpoints and devices increases. Endpoint protection services are part of an ecosystem of services that monitor threats across an enterprise and are integrated into the Security Operations Center (SOC).

Contracts and contacts

Atos

Expiration date: June 30, 2022

Contract no. 98000-GETSReady-RFQC-1647-ATO

Contact: Greg Meder, [email protected], (563) 564-3822 and Fred Duball, [email protected], (804) 928-4567

IBM

Expiration date: June 30, 2022

Contract no. 98000-GETSReady-RFQC-1647-IBM

Contact: Leanne Lapp, [email protected], (404) 406-5224