Long time no chat Spiceworkers! I need your help. I am looking at 3 companies to do log correlation and retention, security device management, and threat analysis. I am also looking at an incident response retainer that allows me to use those hours for other services if we don't have an incident.
The 3 companies are:
- Secureworks - most expensive
- Solutionary - a little less expensive but not by much
- Fishnet - least expensive (about 1/3 of the others)
I am leaning towards Secureworks for a number of reasons. They have built their own appliances and 52 TB threat database. They are globally reaching, which I think is important because hackers don't care about what size you are and their geographic location doesn't matter. They can hit you from anywhere. They have a ton of analysts and require a SANS GIAC Certified Intrusion Analyst certification. They have 100 people on their security research team. They have 7 locations that are redundant to each other and are adding 4 more. They represent 5 of the top 10 banks and 1600 financial companies. They see 52 billion events a day.
My questions are:
- Who do you use and why?
- Is there someone I am not looking at that you recommend?
- What is a good price for these types of services on an annual basis?
Thanks for all of your help!