One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 489083 |
| Date de publication | 2018-02-22 14:00:00 (vue: 2018-02-22 14:00:00) |
| Titre | Threat Detection & Response Made Easier for Growing Financial Services Company |
| Texte |
For a San-Francisco based financial services firm that partners with technology entrepreneurs in the US and China, maintaining a strong security posture is critical to the company’s success. The firm’s portfolio of 200 companies are security conscious and expect the firm to stay ahead of security threats. But this can be difficult, especially for a small team with time constraints. The firm’s Vice President of Global IT recently spoke with me about challenges his team faces.
“We’re a team of three people who wear multiple hats and have about two hours each week to focus on security. It takes a lot of time to handle more than 1,000 spoofing attacks per month and respond to major vulnerabilities such as Meltdown. In addition, we have to monitor on-premises equipment at three offices as well as our cloud-based architecture, while also staying on top of employees using risky plugins and toolbars or installing sketchy software on their laptops.”
To better detect a range of potential security threats, the Vice President of Global IT tested out a variety of disparate tools but found it difficult for his team to manage these. In looking for a comprehensive security monitoring solution, he considered different products including Splunk, but found these to be lacking in functionality and costly to deploy. As part of his requirements, he wanted a cloud-based offering that didn’t have data storage limits and could be integrated with disparate systems. Ultimately, he chose AlienVault USM AnywhereTM, our cloud-based security monitoring platform, as the best fit for his team’s needs.
In addition to the platform’s unified capabilities, the IT team leader had heard that it was easy-to-use and affordable; since deployment, he has been impressed with its capabilities. “AlienVault has built out a unique product that is ideal for small companies like ours,” he explained. “No others are as comprehensive for organizations with small IT teams.”
The company has been using USM Anywhere to manage threat detection since January of 2017. Designed with the needs of today’s resource-constrained IT security teams in mind, USM Anywhere significantly reduces the time and budget required for effective security monitoring and compliance management. Managed through a single plane of glass, the SaaS security monitoring platform allows the company to centralize and simplify threat detection, incident response, and compliance management across their full IT infrastructure. The platform also integrates with other IT systems and business applications such as Microsoft Office 365, Okta, and Cisco Umbrella to provide a more complete view of the company’s security posture.
Another key benefit for the company is USM Anywhere’s ability to correlate server and firewall logs with data traffic between the company’s office and in the cloud to identify behavioral patterns consistent with malicious activity. These event patterns are automatically prioritized and trigger an alarm to expedite investigation and response. Such proactive alerts from USM Anywhere have helped the company to keep up with threats as they develop so they can take action and block IP addresses as needed.
Additionally, AlienVault’s Open Threat Exchange® (OTXTM) provides threat intelligence updates related to financial services and China – two of the company’s main concerns. Using these alerts, the company proactively manages threat detection to prevent attacks from spreading |
| Envoyé | Oui |
| Condensat | “alienvault “no “we’re “usm proactively 000 200 2017 365 ability about across action activity addition additionally addresses affordable; ahead alarm alerts alienvault alienvault’s allowing allows also another anywhere anywhere’s anywheretm applications architecture are attacks automatically based been behavioral benefit best better between block budget built business but buy can capabilities centers centralize challenges china chose cisco click cloud companies company company’s complete compliance comprehensive concerns conscious considered consistent constrained constraints continues correlate cost costly costs could critical data deploy deployment designed detect detection develop didn’t different difficult disparate each easier easily easy effective eliminating employees enabling entrepreneurs environments equipment especially event exchange® expect expedite explained faces fees financial firewall firm firm’s fit focus found francisco from full functionality further glass global great grow growing had handle hardware has hats have having heard helped here his hours ideal identify impressed incident including information infrastructure installing integrated integrates intelligence investigation its january keep key lacking laptops latest leader like limits local logs looking lot low made main maintaining maintenance major malicious manage managed management manages meltdown microsoft mind monitor monitoring month more multiple need needed needs network offering office offices okta open organizations other others otxtm ours out ownership part partners patterns people per plane platform platform’s please plugins portfolio posture potential premises president prevent prioritized proactive product products provide provides range recently reduce reduces related required requirements resource respond response risky saas san scale security server services setup significantly simplify since single sketchy small software solution splunk spoke spoofing spreading stay staying storage strong success such systems take takes tco team team’s teams technology tested than these threat threats three through time today’s toolbars tools top total traffic trigger two ultimately umbrella unified unique updates use using usm variety very vice view vulnerabilities wanted wear week well who without |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.