Customer story


A Proactive approach to In-house IT threats, CSIRT activities and Shadow IT / virtual PC


Lack of visibility in internal network and early detection of threats


  • Threat intelligence to detect previously unknown threats
  • Moved from a reaction approach to a proactive security process
  • Now has visibility into the use of these cloud services and virtual PCs in their network

Ricoh Co. Ltd. achieves real-time monitoring of 100,000 units to detect threats in advance


After experiencing the WannaCry ransomware attack in 2017, the Ricoh Group faced the challenge of rapidly increasing alerts and a lack of visibility in their internal network. The CSIRT team struggled to analyze the logs and understand the attack's impact on their systems, emphasizing the need for improved network visibility and threat detection.


The Ricoh Group implemented Vectra, an AI-driven threat detection and response platform, after being recommended by security experts from Nissho Electronics. Vectra provided real-time monitoring capabilities, prioritized alerts without rule creation, and enhanced reporting capabilities. The platform helped the CSIRT team capture and analyze data across the enterprise, addressing the challenge of internal network visibility.

Customer benefits

With Vectra deployed, the Ricoh Group gained a proactive approach to detecting early signs of incidents, leading to more effective countermeasures. The platform revealed hidden activities, including Shadow IT and virtual PCs, enabling the company to enforce policies against the use of cloud services for individual contracts. The clarity and efficiency of Vectra's dashboard, along with its AI-driven threat detection, strengthened the overall security posture of the Ricoh Group, making them resilient against current and future cyber threats.

“The ransomware attack was detected on the endpoint, but over time, the number of alerts informing us about the attack increased rapidly.”

Atsushi Sato
CSIRT Team Member at Ricoh

“Detected events are plotted on two axes, certainty and threat level, and when they are detected, their priorities are clear. It works for several analysts.”

Kazuki Ohara
Security Strategy Group and Security Management Department at Ricoh