Challenge
The factory purchased all Defensys products step by step: SOAR, Security GRC, Threat Intelligence, SENSE and Threat Deception platforms. As part of a large software installation and customization project, our goal was to build an ecosystem based on Defensys software that would cover all of the factory's cybersecurity needs.
Implementation
Since each company has its own internal procedures, Defensys takes all customer requests into account and adapts its software to specific requirements. The factory has 5 types of incidents to detect, so 5 SOAR playbooks were tailored, each using different connectors during the response and investigation processes.
The company stored most of its asset data in a SIEM system, and all incidents for further processing are taken from the SIEM too. It is also connected to AD and an antivirus solution.
At the moment, by using Defensys software, the company can do the following:
- Control brute force attacks and withstand malware campaigns (SOAR)
- Conduct asset inventory without agents (SOAR)
- Identify unnatural infrastructure behavior (SENSE)
- Identify indicators of compromise inside the corporate network and respond rapidly before a cyber incident occurs (SIEM-sensor feature of the Defensys TIP)
The factory highly values TDP as an up-to-date platform for enhancing the state of its cybersecurity and actively generates traps and lures in its subnets.
The SGRC is used at the factory to conduct regular audits in accordance with legislation. Most of the time saved since the SGRC implementation comes from the automatic creation of reports once all requirements have been assessed by the colleagues involved.