Looking to stay one step ahead of attackers, the GCC’s leading premium aluminium producer has deployed technology, from Vectra, to detect real attacks and their progression throughout the cyberkill chain, so they can rapidly investigate and stop an attack from becoming a breach.
This proactive approach, coupled with a significant reduction in false positives, means one security analyst can now manage the entire SOC operations for the company.
“When it comes to protecting against attacks, the key challenge we faced was visibility – silos and isolated networks exist across the environment and it was difficult to control it completely,” said a Spokesperson from the aluminium producer. “We also struggled with alert fatigue – we used to have a SIEM and antivirus solutions and we would get a lot of alerts, which meant our SOC analysts had to manually analyse and prioritise the alerts. And finally, our security solutions, be it the SOAR and EDR solutions, firewalls or IPSs, are all reactive which meant that by the time we received a trigger, it was already too late and the attacker was in our network.”
The Vectra platform, underpinned by the company’s ground-breaking Attack Signal Intelligence technology, has allowed the aluminium producer’s security team to move from a reactive to a more proactive approach to cybersecurity and pick up on threats before they have had a chance to materialise into something malicious.Click below to share this article