Our Design phase will identify the approach that will deliver the required outcome to the business. The outputs of Discovery, in terms of understanding users, data, processes and technology, will help inform a data engineering plan, operational specification, technical specification and a clear understanding of how users should use the system. Completed through the lens of Operations or Security, the approach will build out the appropriate artefacts, whether that's from threat modelling to detective use cases, or from service decomposition to KPIs.

 

What is Design?

The design phase is a critical component of establishing an effective monitoring posture for any business, encompassing several key stages:

Data Engineering Strategy

Creating a unified framework for your toolset that defines how each application will process or handle its given set of data. By defining your own framework, agnostic to vendor or product, you can remove reliance on any single vendor and build in data source compatibility and solution scalability on an open, global level.

Threat Modelling

This involves creating a Threat Detection Register strategy, as well as designing a robust and resilient security posture for your organisation. This will involve the creation of a Risk Register, Threat Model and mitigation strategy. Metadata models ensure the efficient handling and correlation of your diverse data sources, enhancing the system’s ability to identify threats.

Business KPIs for Operations

Services and metrics are only important and impactful for decision making if they map to KPIs. This component service builds out the KPIs for each service, considering SLAs where required and business impact.

Recording the KPIs that are relevant to, and fuelled by, each service and its metrics. Each KPI will be defined by its importance and critical value (for alerting).

Operational Specification

Designing the blueprint for your operational monitoring and outlining, with utility in mind, how your organisation should function with the new data domain or tooling ecosystem. This specification will outline how your monitoring landscape should function and remain functional throughout your organisation's journey with data.

Product Specification

Creating a platform-scale specification that will document how the platform will be designed, the features and functionality it will provide, the data that will be sent to the platform, and how it will be tested. This specification will then be used to deploy the platform and can be referred to for maintenance and expansion.

 

Multi-Step SIEM Design Process

The design phase pulls together the operating model and other artefacts into an action plan and deliverables supported by the tooling of choice. It also helps, if required, to identify and evaluate the correct platform for your organisation. It brings together the operational, technical, architectural and data aspects in one place, for consideration and design.

Steps:

  • Review existing platforms and environment (as per Discovery)
  • Define the improvements that need to be made and what business objectives need to be met (i.e. compliance)
  • Explore possible solutions and architecture to solve problems with efficient use of tools and tooling features, such as automation, ML, use cases etc.
  • In cases such as migration, review and collate all assets that need to be transferred to the new platform
  • Fully document the planned design, including tooling details and requirements

 

Apto Are Operational Monitoring Experts

Tailored To Your Organisation

Apto is a small but dedicated team of industry experts with over 15 years of monitoring experience. We aim to truly understand your organisation at a deep level and put your business objectives and industry-specific needs at the core of what we do. We consider your company culture, size, risk tolerance, complexity and what you are trying to implement and maintain. This ensures that the work you receive from us is specific and focused on your organisation.

Actionable and Reliable

Our tailored approach ensures that the deliverables and outputs from the discovery process are appropriate, actionable and focused. The final report from this process will allow you and your organisation to fully understand what’s next for your monitoring strategy and where to focus resources best so you know how to design, build, implement and operate your platform into the future.

Going Further With Your Monitoring

With Discovery and Design complete, the next phase is to build, remediate, or migrate your platform. This is where the Deploy phase starts.


See how we can build your digital capability,
call us on +44(0)845 226 3351 or send us an email…