THE CHALLENGE: A NEW CISO WAS HIRED TO ADDRESS THE SECURITY NEEDS OF A DIGITAL INFRASTRUCTURE PROVIDER FOLLOWING CORPORATE RESTRUCTURING. LACK OF VISIBILITY ACROSS THE BUSINESS MADE PRIORITISING THREATS DIFFICULT
REQUIREMENTS
This led them to seek a solution that could provide visibility, uncover system vulnerabilities and build their team’s security knowledge.
The customer knew that many vendors used usage metrics to price their services and was concerned about unexpectedly high bills. They wanted a cloud-based solution that is quick to deploy with no unexpected licencing costs.
The customer approached Pentesec to learn more about our Security Operations Centre.
THE SOLUTION: PENTESEC PROPOSED TWO CLOUD BASED MANAGED SECURITY SERVICES, POWERED BY RAPID7
Security Information & Event Management (SIEM) and Vulnerability Management (VM)
This enabled the customer to gather information about events happening on their network and proactively see what issues they needed to resolve. The customer was able to use the service ‘out of the box’ with pre-built systems designed to ingest data from across their network.
Where systems were not automatically compatible with Rapid7. Parsing rules were created to convert data into a format Rapid7 could alert against.
OUTCOMES
As soon as the service was activated, the customer had full network visibility and was able to identify which areas required their immediate attention.
Several areas that they had labelled as ‘not at risk’ were highlighted. Long forgotten legacy equipment was found, in use but not supported. Moving the business onto supported platforms became a priority and led to the biggest service benefit the customer highlighted:
OWNERSHIP
No specific person was responsible for managing the legacy platforms, so they were left untouched, out of support and long forgotten.
Visibility quickly drove ownership, holding people accountable for maintaining systems that they previously didn’t know were there.
Historically the team had struggled to justify resource investment.
Having full visibility of their infrastructure and assigning responsibility for each service made it easy for the CISO to articulate issues and highlight weaknesses within the business that required investment.
“Working with Pentesec is one of the more enjoyable experiences I’ve had with a third party, mainly because the people understand the challenge.
They’re not there to just try and sell me licences or devices, there’s a real partnership feel about it. The guys who interact with Pentesec at an engineering or monitoring level are constantly saying:
‘These guys are responsive; they understand what we need to do and it’s not a battle!’
We work with vendors where it really is a battle. We have push them quite hard, just to get the basics, but they said it has been enjoyable working with you guys”
– Customer CISO