The security team at a global manufacturing firm was struggling to secure the company’s infrastructure and intellectual property (IP) against advanced internal and external threats.
The firm produced highly innovative products and constantly faced the threat of attackers attempting to steal their IP. The IT security leader (we’ll call him Henry) oversaw a team of four security practitioners that were new to the field. The team was responsible for managing security operations and controls, setting and enforcing policies, monitoring activity, and responding to threats.
Even though Henry had a solid team of four, he struggled to find the additional security experts needed to adequately defend his organization. The company was headquartered in a region with a shortage of cybersecurity professionals—even if Henry could locate the right expertise, his budget would not accommodate the high salary such roles typically command.
BUSINESS SNAPSHOT
7,000+
endpoints
40+
locations
5
IT security team employees
Simplifying and expediting incident response
Henry’s biggest priority was to improve his team’s ability to simplify and expedite incident response. Their existing IR solution continually missed threats and rarely provided sufficient information for a quick and accurate decision to be made. After receiving a recommendation to look at Red Canary, Henry ran a Proof of Concept (POC) with Red Canary and two competitors.
Several qualities led Henry to determine that Red Canary was the best partner. In addition to the thorough threat hunting and investigations performed by Red Canary, Henry was impressed by the quality and expertise of Red Canary’s Threat Hunting Team. Red Canary was the only solution to include access to dedicated security experts as a standard part of its core service.
Outcomes
Henry and Red Canary's threat hunters collaborate to solve problems.
Improving security outcomes
Henry regularly taps into Red Canary’s Threat Hunting Team to gain the expertise he needs to level up his security program. From strategic support and program development to tactical advice and actionable threat intelligence, Red Canary closely collaborates with Henry to improve his organization’s security.
Stopping internal threats
Late one Thursday, Henry sent Red Canary an urgent request for help. A recently terminated, high-level executive appeared to have exfiltrated data and Henry was searching for signs of suspicious behavior. A Red Canary threat hunter was able to quickly scan the data repository and locate the information Henry needed.
Ensuring business continuity
After WannaCry hit, Henry needed to quickly deploy Red Canary across an additional 3,000 systems—several of which were highly sensitive production lines that could cause millions of dollars in losses if any downtime occurred. Henry and the Red Canary team worked together to ensure that all 3,000 agents were deployed flawlessly over three days, with no downtime.
Hands-on, expert training
Henry wanted to ensure that his team knew its selected Endpoint Detection and Response (EDR) product inside and out. A Red Canary threat hunter spent several days on-site, digging into the intricacies of the tool and training the team from the perspective of a seasoned threat hunter.