Customer Stories

When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack

Organization

Global Healthcare Giant

Industry

Pharmaceutical

Challenge

  • Trouble configuring custom detections within the SIEM for post-exploitation coverage
  • The rules are often bypassed, and investigation of the few alerts that fire, take up considerable time, hindering the team’s ability to respond quickly

Results

  • While monitoring over 1 million identities, users and services, within the environment, Detect for AWS spotted behavior closely resembling an attacker probing the footprint for weaknesses, and their SIEM did not.
  • Detect for AWS then observed the malicious principal attempting to disable security tools within the environment as a means to establish persistence
Read More
When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack
Customer Stories
When a SIEM Just Isn’t Enough: Squashing a Sophisticated Cyberattack
Share On:

You may also be interested in:

Gain Complete Visibility into Cyberthreats with Vectra and Keysight

Gain Complete Visibility into Cyberthreats with Vectra and Keysight

The Keysight Network Visibility Architecture and Vectra AI Attack Signal Intelligence™ can eliminate blind spots that allow attackers to hide.

Download
Demo: Vectra AI & ServiceNow Integration

Demo: Vectra AI & ServiceNow Integration

Consolidate and streamline processes to deliver effective and efficient security operations with Vectra AI and ServiceNow.

Watch
Automate Response and Speed Remediation with Swimlane and Vectra

Automate Response and Speed Remediation with Swimlane and Vectra

Download