The Respond Analyst at Work
Challenge: A US-based home finance company had invested in a SIEM, hoping it was a comprehensive solution for security monitoring. However, one of their biggest challenges was trying to keep up with writing rules to cover most use cases. Routing their IPS data to the Respond Analyst gave them better analysis of the data without spending a minute writing a rule.
Results: The Respond Analyst escalated incidents their SIEM missed, giving them better coverage without requiring any rule writing.
1. 30-day comparison showed better results than the SIEM with ZERO engineering costs
2. 100% coverage of high volume, low signal alerts with no filtering
3. Provided additional coverage without adding additional resources
Replaced Rules-Writing with Comprehensive Monitoring
Network IPS event analyzed