The proposed solution is intended to cover the security monitoring and operation service through the SIEM ArcSight platform, from where the different alerts are registered for subsequent initial triage, analysis and escalation through the GLPI service management platform, where contact is established with the other actors involved.
In addition, an agreement is established for collaboration and improvement in the use cases associated with the alerts.