We employ Security Incident Event Management (SIEM) tools to collect and correlate logs from different application, network and host systems. This alerts on triggers to notify the Security team based on correlated events for investigation and response. These tools enhance visibility and monitoring.
Service inbound and outbound points are monitored to detect anomalies based on preset thresholds. These systems are configured to generate and send logs to our SIEM for investigation and response when incidents and values exceed predetermined thresholds.
Certn defines the severity of an issue via industry-recognized Common Vulnerability Scoring System (CVSS) scores, which all modern scanning and continuous monitoring systems utilize. The CVSS provides a way to capture the characteristics of a vulnerability and produce a numerical score reflecting its severity. The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes. It is the Security team’s responsibility to ensure the vulnerability management policy is followed. All vulnerabilities are addressed within reasonable timelines as defined by company procedural commitments