Managed Security Services
With Managed Security Services, a provider monitors and manages security devices and systems for you. The following services are available to state and local government agencies and education institutions in Georgia.
Security Information and Event Management: SIEM delivers comprehensive cross-enterprise protection by unifying event management and incident management across towers on a common platform. This service provides contextual and actionable surveillance across the IT infrastructure, helping organizations detect and remediate threats, which can include inappropriate use of applications, insider fraud and theft, and advanced, “low and slow” threats that can be easily lost in the “noise” of millions of events.
Incident Response and Remediation: Responding to a breach in the most effective way possible limits the amount of damage that can potentially be done to the target agency. Incidents categorized as requiring further investigation are analyzed in more depth. The organization will be notified of the incident and provided with data to mitigate the threat and associated risk by implementing suitable countermeasures.
Intrusion Detection and Prevention: This security component eliminates malicious packets, alerts security personnel to potential intrusions, and blocks suspicious traffic. The Security Operations Center (SOC) manages incidents throughout the event lifecycle from detection to resolution, working with organizations on security response processes.
Penetration Testing: This service involves an authorized, simulated cyberattack on a computer system that’s performed to evaluate the system’s security.
Security Device Management: This service covers the firewall devices, IPS devices, IDS devices, UTM devices, VPN appliances, web proxy appliances, and load balancer appliances. Devices and appliances are remotely accessed, managed, and monitored for availability and system health over a dedicated network.
Vulnerability Scanning: This service provides organizations with in-depth scanning to detect threats and vulnerabilities, and it uses a combination of scanners and sensors to ensure maximum scanning coverage. Integrated service delivery across security and IT operations ensures the remediation of any detected problems.
Endpoint Protection: As cloud-to-endpoint activity increases, the vulnerability to malware on endpoints and devices increases. Endpoint protection services are part of an ecosystem of services that monitor threats across an enterprise and are integrated into the Security Operations Center (SOC).
Contact: Leanne Lapp, firstname.lastname@example.org, 404.406.5224
More detailed GTA Direct service descriptions and pricing are available to state and local government entities. For more information, please complete this brief webform.