The Respond Analyst at Work

Challenge: A US-based home finance company had invested in a SIEM, hoping it was a comprehensive solution for security monitoring. However, one of their biggest challenges was trying to keep up with writing rules to cover most use cases. Routing their IPS data to the Respond Analyst gave them better analysis of the data without spending a minute writing a rule.

Results: The Respond Analyst escalated incidents their SIEM missed, giving them better coverage without requiring rules writing.

1. 30-day comparison proved better results than SIEM with ZERO engineering costs
2. 100% coverage of high volume, low signal alerts with no filtering
3. Provided additional coverage without adding additional resources

Customer Story:

Replaced Rules-Writing with Comprehensive Monitoring


Network IPS event analyzed