Looking for a Next Generation MSSP? Already have a Splunk License?
We offer a truly Co-Managed Service.
Your license. Your data. Our Splunk Security know-how.
Our services include:
Human Security Review
Our engineers search for security anomalies with daily reviews of your Splunk environment. By reviewing alerts and dashboards, we identify potentially malicious activity. Based on review outcomes, our engineers filter false positives, investigate potential threats, and escalate valid security incidents according to your Alert Escalation Communication Plan.
Security Rule Tuning
Based on our engineers’ security reviews and client feedback, our team tunes your environment to reduce false positives or increase coverage.
Notable Event Investigation
When we escalate a notable event, we also perform a first-level investigation. Our engineers narrow your search and reduce your incident resolution time. Rest assured that you will spend precious response time efficiently.
Custom Threat Intelligence
Based on industry trends and the shifting threat landscape, we cultivate high-confidence threat feeds that we integrate into your environment to enrich and enhance security investigations. Based on your industry, we’ll integrate you into your industry threat community so you can stay ahead of emerging real-time threats.
CTAC (Cyber Threat Analyst Cell)
CTAC is our threat hunting unit. Professional threat actors are skilled at evading traditional detection techniques. CTAC leverages machine learning and statistical analysis to monitor suspicious security activity that is not “loud” enough to trip traditional alerts. Over the course of days, weeks, and months, we’ll monitor statistical patterns to identify low-operating threat actors.
100% Onshore Resources
Our entire team is based in the United States. No need to worry about who is monitoring your environment from a different geography in the current volatile global climate.
For all of our Splunk Managed Services:
Biweekly Status Reports
As your trusted data security partner, we are committed to consistent communication. Our team provides a biweekly summary report designed for leadership and analyst review. Included are environment health, investigation results, current ticket status, and roadblocks.
Quarterly Status Meeting
Your environment is in constant motion, which impacts your security posture. To ensure our teams are aligned and proactive, we provide quarterly meetings to review current security health and future plans that could affect your Splunk environment.
Optional Service Add-Ons:
Do your compliance or internal directives require 24/7 security monitoring? We have you covered with our affordable 24/7 service.
Admin, Updates, & Configuration
Need occasional help with Splunk upgrades, adding new programs, or data ingestion? Interested in customized dashboards and reporting? Our accredited, award-winning Splunk team can provide additional services as needed. Check out our Splunk Concierge Administrator On Demand service.
Good threat intelligence is tough to come by. In the course of conducting our routine security work, we cultivate and maintain high-confidence threat feeds. Our clients can leverage these same threat intelligence feeds in API or TAXII format for internal company use. Whether you’re looking to enrich IPS, IDS, firewalls, or other security technology, our custom threat feed might be right for you.
“NuHarbor was able to remove 99% of our security white noise. We only receive alerts for notable events. Our team is able to focus on legitimate security events.”
We’re Splunk Specialists
At NuHarbor Security, we view Splunk as a central cog in the security machine and seek to leverage automated integration wherever possible to reduce manual overhead. NuHarbor Security also understands that log and event data contain an immense amount of value for more than just the security organization, and knows how to leverage the data analytics and automation services provided by Splunk throughout the enterprise. NuHarbor Security utilizes Splunk’s industry-leading, next-generation data analytics platform to provide cohesive analytics services by leveraging existing machine data. The flexibility of our Splunk Managed Services platform allows us to host your Splunk environment on dedicated instances managed by NuHarbor Security in our cloud, or on your own on-premises platform, in order to meet your unique business requirements. Regardless of the deployment model, you maintain full access, visibility, and usability of your data.