Digital government solutions security team gains unparalleled visibility with Sumo Logic

Company Size
Large Corporate
Region
  • America
Country
  • United States
Product
  • Sumo Logic Cloud SIEM Enterprise
  • Carbon Black
Tech Stack
  • Artificial Intelligence
  • Machine Learning
  • SQL
Implementation Scale
  • Enterprise-wide Deployment
Impact Metrics
  • Cost Savings
  • Productivity Improvements
  • Customer Satisfaction
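Technology
  • Cybersecurity & Privacy - Network Security
  • Analytics & Modeling - Predictive Analytics
  • Analytics & Modeling - Real-Time Analytics
Applicable Functions
  • Business Operations
  • Quality Assurance
Use Cases
  • Predictive Maintenance
Services
  • System Integration
  • Cybersecurity Services
  • Training
About the Customer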
The customer is a top digital government solutions provider in the United States, responsible for delivering cutting-edge cybersecurity technology to various government entities. The company’s security team oversees governance across all business units, continuously assesses the current security posture, and hunts for and responds to threats. The team operates in a highly distributed network environment, making deep network visibility a critical component for success. The company is known for its early adoption of advanced technologies, including artificial intelligence and machine learning, to enhance its cybersecurity measures.
Challenge
The government solutions provider’s security team faced significant challenges in maintaining visibility across multiple remote sites. Without addressing the problem at each remote office, it was impossible to detect if an attacker was targeting one office and then expanding efforts throughout the company. The team lacked access at the network level and had no practical way of identifying such threats in real time. Analysts had to painstakingly go through historical packet capture data to search for past attack patterns while also managing new threats. Despite leveraging AI and machine learning in their antivirus solutions, they needed a more effective way to improve threat detection and network visibility.
Solution
The security team turned to Sumo Logic’s Cloud SIEM Enterprise solution to address their network visibility issues. Sumo Logic’s ability to create metadata and query traffic in a SQL-type format was identified as a powerful tool for threat hunting. The solution provided real-time data traffic insights and visual representations of patterns and timelines, enabling quick trend analysis. The team integrated Sumo Logic with Carbon Black to enrich threat alerts with additional context, focusing on high-priority indicators. The implementation was swift, with the platform monitoring the corporate headquarters within an hour and expanding to other remote sites in the following days. This deployment allowed the team to uncover threats that were previously undetectable, such as a virus-infected HVAC system communicating with an external server.
Operational Impact
  • Amplification of the security team’s productivity: The small security team dramatically increased its productivity by leveraging Sumo Logic’s capabilities, allowing them to expand deployment to additional remote offices with minimal staff.
  • Cost savings: The networking team avoided the need to purchase an additional tool for network visibility, as Sumo Logic provided the necessary insights.
  • Enhanced government partnerships: The company’s improved security capabilities enabled it to pursue partnerships for threat intelligence exchange with federal entities.
  • Customer benefits: The company’s government customers benefited from the evaluation of emerging security solutions, with Sumo Logic offering ease of deployment, time to value, and effective network visualization capabilities.
Quantitative Benefit
  • Deployment of Sumo Logic at corporate headquarters within an hour.
  • Expansion of Sumo Logic to other remote sites within a few days.
