Customer Stories

When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack

Organization

Global Healthcare Giant

Industry

Pharmaceutical

Challenge

  • Trouble configuring custom detections within the SIEM for post-exploitation coverage
  • The rules are often bypassed, and investigation of the few alerts that fire, take up considerable time, hindering the team’s ability to respond quickly

Results

  • While monitoring over 1 million identities, users and services, within the environment, Detect for AWS spotted behavior closely resembling an attacker probing the footprint for weaknesses, and their SIEM did not.
  • Detect for AWS then observed the malicious principal attempting to disable security tools within the environment as a means to establish persistence
Read More
When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack
Customer Stories
When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack
Share On:

You may also be interested in:

Northside Hospital - Customer Testimonial

Northside Hospital - Customer Testimonial

Watch Video
Australian Health Fund sees 80% less alerts from Vectra compared to Darktrace

Australian Health Fund sees 80% less alerts from Vectra compared to Darktrace

Australian Health Fund needed a new solution that would replace Darktrace and reduce their number of alerts

Read More
Top 10 Detections Across Healthcare Organizations

Top 10 Detections Across Healthcare Organizations

Ransomware attacks that carry through in a healthcare system can mean stolen medical records and data but can also be physically disruptive when they cause delays in patient care.

Download