Case Study
The client is an Australian global resources company. They had a complex environment with multiple tools and security solutions. They wanted to consolidate services with fewer vendors so as to have a smoother cybersecurity setup.
Infosys facilitated a smooth transition by delivering global support and streamlining processes thereby enhancing overall security posture.
Key Challenges
- Huge backlog of alerts which required quick resolution
- No proper process for triaging log stoppage/delay alarms
- Absence of master device list making it difficult to analyze incidents
- High number of false positive incidents in SIEM (Security Information and Event Management)
- Unable to automate hash indicator analysis
The Solution
Implemented appropriate processes to fix log delay problems
Onboarded the client to Threat Intelligence Platform (TIP)
Created health monitoring dashboard to enhance visibility and detection of log source issues
Successfully implemented process for triaging log delay issues
Successfully migrated from Symantec MSS to Dell SecureWorks and fine-tuned multiple use cases resulting in reduction of false positives
Benefits
Increased visibility and detection of security incidents
Provided 24x7 real-time security monitoring in the client environment
Performed triage of security alerts, correlation between multiple platforms/products & threat intelligence
Eliminated false positives, escalated true positives and communicated to stakeholders, peers, and staff as per defined processes
Cleared a backlog of 50,000 data loss prevention (DLP) incidents with dedicated DLP support
Performed security event detection and monitoring across 11,000+ devices and executed asset classification, risk model finalization, scanning, and patching
Request for services
Find out more about how we can help your organization navigate its next. Let us know your areas of interest so that we can serve you better.
