Financial sector company achieves visibility of intrusion events, enabling timely detection of security incidents.

Summary:

A company in the financial sector did not have proactive visibility of its information security, its ability to react was limited because it had no centralized detection control for its different security platforms. Panorama Technologies supported the implementation of a solution that would allow the administrator and security managers to:

  • Have visibility against authentication events and changes in the active directory, intrusion events and events associated with malware.
  • Initiate the incident response process within the organization.
  • Alerting in a timely manner on events associated with information security.
  • Comply with the regulations imposed on the organization regarding information security event detection controls.
  • Facilitate the generation of reports and reports on the different integrated controls.

Challenges:

Implement two Splunk applications: Infosec and Security Essentials with customized use cases. Have visibility into events logged on their security platforms and fine-tune current controls for improvement of their information security posture.

Use cases:

  • Intrusion event monitoring
  • Antivirus monitoringtema).
  • Authentication and changes within the active directory
  • Monitoring of AntiSpam platform events.
  • Construction of alerts
  • Reports associated with security platforms

Impacted areas:

Information security directly and all areas of the organization indirectly.

Integrated data sources:

  • • UTM Firewall (Fortinet).
  • • Web Application Firewall (Fortinet).).
  • • Active Directory.
  • • Anti-Spam (Symantec).
  • • Anti-virus (Symantec).
  • • Vulnerability reports provided by third parties.
  • • SOC service reports provided by third parties.

Solution:

Splunk enterprise: add infosec and add Security Essentials.

Results:

With the implementation performed by Panorama Technologies, the company achieved timely detection of security incidents. In addition to being the initial phase for their incident response process, it also provides them compliance with the requirements they have as a financial organization regarding information security.

Let us help you with your IT challenges

Talk to an expert
Panorama IT Consultora

Suscríbete a nuestro blog

España
map-icon

Cl Mahón 6, 1ª planta - 28290 Las Rozas, Madrid

tel-icon

+34 91 515 1390 | +34 656 161 700


Colombia
map-icon

Carrera 7 # 156 – 68, Of 1804 Edif. North Point III Bogotá

tel-icon

+57 1 9174704 | +57 311 831 8350 - +57 318 397 7678

Brasil
map-icon

Av. Ibirapuera 2102, Conjunto 134-CEP 04.028-001 Sao Paulo/SP

tel-icon

+55 11 91875 3931


México
map-icon

Calle Darwin 74, Col. Anzures, 11590 Ciudad de México

tel-icon

+52 55 6879 9902

Políticas de privacidad I Políticas de Calidad