Case Study
Strengthen the Ability to Detect and Manage Threats
- Cyber Security
- Security Monitoring
- Risk Management
The client is an insurance and reinsurance provider based in the US. Its legacy ActiveGuard SIEM solution lacked integration support for new security tools.
The Infosys SOC governance team integrated critical log sources with the security monitoring tool and created customized use cases around those log sources.
Key Challenges
Facilitated proactive response to cybersecurity incidents
Implemented email monitoring solution
Created routing rules for health metric logs, resulting in a reduction of EPS consumption
Created use cases to identify suspicious traffic from non-business locations
Successfully implemented a change management process for all security tools
Cost-effective security monitoring mechanism
Optimized cost by increasing log source integration
95% of log sources integrated onto the security incident and event management solution
Increased security monitoring coverage with proactive threat detection by implementing use cases
Created 30+ customized use cases for threat detection
Mapped 160+ use cases to the MITRE ATT&CK framework, resulting in a better understanding of attack or incident posture
Reduced turnaround time for incident resolution by establishing metrics-driven SOC operations