实例探究 > Major Financial Services Company Choses Deception for Visibility and Forensics

Major Financial Services Company Choses Deception for Visibility and Forensics

公司规模
Large Corporate
产品
  • ThreatDefend™
  • BOTsink®
  • ThreatDirect™
  • ThreatStrike™
技术栈
  • Deception Technology
  • Machine Learning
实施规模
  • Enterprise-wide Deployment
影响指标
  • Customer Satisfaction
  • Digital Expertise
  • Productivity Improvements
技术
  • 分析与建模 - 机器学习
  • 网络安全和隐私 - 端点安全
  • 网络安全和隐私 - 网络安全
适用行业
  • 金融与保险
适用功能
  • 商业运营
用例
  • 入侵检测系统
  • 远程资产管理
服务
  • 系统集成
  • 培训
关于客户
The customer is a large financial services company with a diverse and international network environment. The company operates across corporate and remote offices, facing the challenge of fully understanding what threats were within their environment and how likely they were to cause harm. Despite having a mature and well-implemented security posture, the company needed better visibility and early threat detection capabilities. The Vice President of Cybersecurity was particularly focused on gaining insights into the attacker’s entry points, methods, and motivations. The company required a solution that could be easily deployed and managed across its global operations without adding significant workload to its information security team.
挑战
Information Security senior management sought to gain better visibility into their diverse and international network environment and address the often-challenging question of whether their security controls were working reliably. They needed to understand what threats had bypassed these controls and whether these threats were doing anything that could negatively impact operations. With a diverse infrastructure and assets in numerous countries, gaining adequate visibility into remote locations and providing consistent data security compliance was especially challenging. The specific restrictions in some regions posed additional challenges requiring unique solutions. The organization needed a solution that would be easy to deploy and manage, even in remote locations, and would not unduly increase their information security team’s workload.
解决方案
The organization selected the Attivo Networks® ThreatDefend™ platform, utilizing the BOTsink® server to deploy decoys, ThreatDirect™ to project decoys into remote locations, and ThreatStrike™ to place deception credentials and other assets on the endpoints. The organization used staged rollouts to test detection strategies and the application of deception techniques. The deployment process was simplified with the use of machine learning, making it easy to prepare, deploy, and update deceptions while maintaining environmental authenticity and attractiveness for an attacker. The ThreatDefend platform provided global early threat detection and the ability to easily and scalably provide deception into remote locations without requiring additional hardware. The platform’s ability to gather adversary intelligence, including TTPs, IOCs, and threat intelligence, provided insight into the attacker’s entry point, methods, and motivation.
运营影响
  • The organization added deception technology to proactively achieve visibility, especially in remote locations, and provide improved reporting and forensics capability across their widely varied sites.
  • The ThreatDefend platform was easy to deploy and maintain at scale, providing high-fidelity, accurate alerts.
  • Deception technology gave them 'eyes inside the network' visibility they were not getting from any other solutions.
  • The ability to gather adversary threat intelligence was powerful in fortifying their defenses.
  • The reliable, accurate, and actionable alerts and forensic capabilities improved the information security team’s efficiency and required no additional operational resources.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

相关案例.

联系我们

欢迎与我们交流!
* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

感谢您的信息!
我们会很快与你取得联系。