Threat Detection & Response Made Easier for Growing Financial Services Company

For a San Francisco-based financial services firm that partners with technology entrepreneurs in the US and China, maintaining a strong security posture is critical to the company’s success. The 200 companies in the firm’s portfolio are security conscious and expect the firm to stay ahead of security threats. But this can be difficult, especially for a small team with time constraints. The firm’s Vice President of Global IT recently spoke with me about the challenges his team faces.

“We’re a team of three people who wear multiple hats and have about two hours each week to focus on security. It takes a lot of time to handle more than 1,000 spoofing attacks per month and respond to major vulnerabilities such as Meltdown. In addition, we have to monitor on-premises equipment at three offices as well as our cloud-based architecture, while also staying on top of employees using risky plugins and toolbars or installing sketchy software on their laptops.”

To better detect a range of potential security threats, the Vice President of Global IT tested out a variety of disparate tools but found it difficult for his team to manage these. In looking for a comprehensive security monitoring solution, he considered different products including Splunk, but found these to be lacking in functionality and costly to deploy. As part of his requirements, he wanted a cloud-based offering that didn’t have data storage limits and could be integrated with disparate systems. Ultimately, he chose AlienVault USM Anywhere™, our cloud-based security monitoring platform, as the best fit for his team’s needs.

In addition to the platform’s unified capabilities, the IT team leader had heard that it was easy to use and affordable; since deployment, he has been impressed with its capabilities. “AlienVault has built out a unique product that is ideal for small companies like ours,” he explained. “No others are as comprehensive for organizations with small IT teams.”

The company has been using USM Anywhere to manage threat detection since January of 2017. Designed with the needs of today’s resource-constrained IT security teams in mind, USM Anywhere significantly reduces the time and budget required for effective security monitoring and compliance management. Managed through a single pane of glass, the SaaS security monitoring platform allows the company to centralize and simplify threat detection, incident response, and compliance management across their full IT infrastructure. The platform also integrates with other IT systems and business applications such as Microsoft Office 365, Okta, and Cisco Umbrella to provide a more complete view of the company’s security posture.

Another key benefit for the company is USM Anywhere’s ability to correlate server and firewall logs with data traffic between the company’s office and the cloud to identify behavioral patterns consistent with malicious activity. These event patterns are automatically prioritized and trigger an alarm to expedite investigation and response. Such proactive alerts from USM Anywhere have helped the company keep up with threats as they develop so they can take action and block IP addresses as needed.

Additionally, AlienVault’s Open Threat Exchange® (OTX™) provides threat intelligence updates related to financial services and China, two of the company’s main concerns. Using these alerts, the company proactively manages threat detection to prevent attacks from spreading through the network.

USM Anywhere has a very low TCO, enabling the company to detect the latest threats without having to buy, deploy and manage multiple products across cloud and on-premises environments, and to reduce the local infrastructure required. Since the platform is cloud-based, it further reduces total cost of ownership by eliminating the need for data centers, hardware, setup fees, and maintenance costs, and by allowing the company to easily scale their security monitoring as their business continues to grow.

“USM Anywhere is a great platform that has made threat detection easier for my team to manage.”


Article Link: AT&T Cybersecurity Blog