Product Review: EiQ SOCVue Security Monitoring
The EiQ SOCVue is a hybrid SaaS security service that offers both security monitoring and vulnerability management solutions for small to mid-sized businesses. While the vulnerability management is a separate service offering that could deserve a look in its own right, this review will be dedicated to the security monitoring portion of the SOCVue suite. The product is a hybrid SaaS solution in that it combines people, process and technology into a single security service. SOCVue originally launched in 2013. In the product’s first year, EiQ’s SaaS business grew more than 25 percent, quarter over quarter, and in 2014 EiQ landed a spot on Gartner’s Magic Quadrant for SIEM products. This review will take a look at why the SOCVue security monitoring could be a good choice for some enterprises, cover key product features and specifications, and close with a look at a few competitors of the SOCVue.
“SOCVue Security Monitoring Service provides 24/7 threat detection, compliance monitoring, and log management at a fraction of the cost of doing it yourself.”
IT Security Done Right – SOCVue hybrid SaaS security delivers the best people, process, and technology to ensure continuous security intelligence and effective security monitoring 24x7x365.
The SOCVue security monitoring product is a subscription service that gives the user managed SIEM and log management in an SaaS package. An important feature of the product is that the EiQ Security Operations Center provides 24/7 monitoring and support. According to the EiQ SOCVue datasheet, the EiQ SOC team “will analyze event data from across your IT assets and provide timely notification of any security incidents along with remediation guidance.” Additionally, a web-based portal allows the user to find details on any incident mentioned by EiQ personnel. This is a significant improvement over digging through hundreds of events or raw system log files to analyze what has happened in a particular system. In addition to these incident reports, the SOCVue also features Daily Health Snapshot Reports and Security Posture Reports, which are also sent each day. These help keep IT security professionals informed of what’s going on before major problems occur.
A few other general thoughts on the SOCVue product are worth mentioning here. SOCVue is intended to protect against advanced persistent threats (APTs) and other cyber attacks as well. The solution involves both an on-site deployment and remote service from the EiQ team, so that sensitive event data does not leave the customer’s premises. In addition, the SOCVue helps enterprises with regulatory mandates such as HIPAA, PCI-DSS, and FFIEC, among others. All of these add up to a service that could really help small- or medium-sized businesses, particularly those who – according to EiQ’s website – “lack resources or on-staff expertise to implement an effective security program.”
Use in healthcare industry
The SOCVue security monitoring service is intended for use in many industries, including finance, but is particularly suited to use in the healthcare industry. SOCVue helps companies comply with the HIPAA and HITECH acts, which call for the security of individuals’ health information. As a part of their service, the EiQ Security Operations Center assesses network security controls that are directly mapped to portions of HIPAA. (A full list of these security controls, and their mappings to portions of HIPAA, can be found here.) Additionally, EiQ’s SOCVue Vulnerability Management service provides companies with additional mitigation of threats, including the latest zero-day threats and malware.
The SOCVue security monitoring service should be well-suited to businesses who don’t have the on-site resources to handle security monitoring, but don’t want to find the most expensive security service to meet their needs. In fact, pricing for the SOCVue is readily available and affordable for most businesses. One final note to potential buyers is that past reviews for similar products, while often favorable (such as this 2014 review), may not be perfectly representative of the 2016 SOCVue service, which was formerly a SIEM product offering. When looking for comparable services, EiQ does not compete against corporate giants in the SIEM market, such as IBM and Intel, but instead against companies like Arctic Wolf and Tenable Network Security.
EiQ SOCVue Security Monitoring Data Sheet
EiQ SOCVue use in Healthcare Industry