Large Retailer uses Deception for Active Acquisition Strategy
Company Size
1,000+
Region
- America
Country
- United States
Products
- Attivo ThreatMatrix Deception and Response Platform
- ThreatStrike deceptive credentials
- Attivo BOTsink engagement servers
Tech Stack
- Deception Technology
- Credential Theft Detection
- Phishing and Malware Analysis
Implementation Scale
- Enterprise-wide Deployment
Impact Metrics
- Brand Awareness
- Customer Satisfaction
- Digital Expertise
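Technology
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Intrusion Detection
- Cybersecurity & Privacy - Malware Protection
Applicable Industries
- Retail
Applicable Functions
- Business Operation
- Quality Assurance
Use Cases
- Intrusion Detection Systems
Services
- Cybersecurity Services
- System Integration
About the Customer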
A large retail organization with an active acquisition strategy. The organization prioritizes establishing visibility into acquired networks to understand potential vulnerabilities. They are concerned about the security maturity of affiliate networks and the risk of hidden or time-triggered malware that could move laterally and breach their corporate network, leading to data exfiltration. The organization aims to ensure that the security controls of their broader affiliate organizations align with their enterprise standards to protect company and customer data.
Challenge
The acquired organization had basic security but little visibility into any threats that had made their way inside the network. Because of this lack of visibility, the infosec teams lacked confidence that these networks weren’t already compromised in some way. A compromised affiliate network posed a risk not only to that subsidiary but to the broader enterprise as well. Any in-network malware could potentially spread to the larger organization and create significant risk to customer confidence, revenue, and brand reputation. The team needed a reliable way to know whether the network was compromised, as well as visibility into the acquired organization’s overall health and the risk associated with its endpoints. Beyond gaining this initial visibility, they needed a reliable way to detect any new threats that could occur inside the network in the future.
Solution
The large retail organization deployed the ThreatMatrix Deception and Response Platform across the acquired company’s data centers and end-user networks. The ThreatMatrix Platform provided them with visibility into lateral movement and reconnaissance conducted by malware and malicious actors. The ThreatMatrix BOTsink engagement servers were customized to match the production environment, creating decoys that reflected the same configurations as their counterpart critical production assets. These decoys presented an attacker with an attractive target that could engage, trap, and safely observe the tactics, techniques, and procedures being leveraged against them.
In addition to the ThreatMatrix Platform, the organization has implemented the Attivo ThreatStrike End-point Suite. This solution creates customized deceptive credentials that are deployed to thousands of endpoints to identify compromises that rely on credential theft. These agentless, deceptive credentials entice and divert an attacker into engaging with the Attivo engagement servers, thereby revealing the attacker and allowing Attivo to analyze the threat.
With deception deployed, the organization gained visibility into threats within the subsidiary’s network. In one specific instance, they identified suspected ransomware that was active in the environment, and the ThreatMatrix Platform gave them the detailed attack forensics to remediate the identified threat.
Lastly, the organization uses the ThreatMatrix Platform’s capabilities for secondary phishing and malware analysis. The Phishing and Malware Analysis Platform automatically executes suspicious files and URLs and provides detailed analysis to the incident response team, ensuring that they have the evidence to determine whether the sample can safely be executed or is malicious in nature.