About the client
The client, a subsidiary of a large corporation, offers credit-building credit cards to customers with a limited or uneven credit history.
The client's challenge
The strategic goal of the client was to effectively detect advanced attacks such as ransomware and significantly decrease risk. The client decided to leverage the capabilities offered by Microsoft technologies to move away from a traditional perimeter-based approach – and adopt a Zero Trust approach. Their goal was to make risk-based, context-driven decisions rooted in Identity, Device, App, Infrastructure, Network and Data.
They also wanted to work in a hybrid model to extend their security operations team using a managed security services provider to operate and manage the tools they required to deliver these capabilities.
The client had initially been considering various point products but changed direction with support from CyberProof and Microsoft, because they were interested in having a single security vendor support the Extended Detection & Response (XDR) capability that they wanted to deploy.
- 90% increase in visibility into threats, vulnerabilities, and environments – improving the client’s ransomware resiliency
- Creation of custom reporting using Microsoft tools, so the customer can take these insights to senior leadership and provide a clear view of their security posture
- Consolidation of IT productions
- 50% reduction in day-to-day SOC operational costs, including optimizing SOC team activities
- 20-30% optimization of infrastructure and cloud consumption, as newly deployed cloud solutions are SaaS – thereby eliminating what the client had been spending due to its use of legacy technology
- 30-40% reduction in engineering staff (due to the elimination of legacy infrastructure)
CyberProof worked together with Microsoft to provision and deploy the Microsoft XDR capability and integrate it with the client’s current Managed Detection & Response (MDR) service with CyberProof. This was done by leveraging the CyberProof Defense Center (CDC) platform, which supports collaborative, real-time security operations for all stakeholders through orchestration and smart automation, including alert enrichment, incident prioritization, playbook-led responses, and seamless ChatOps communication.
CyberProof supported the customer throughout the transition, including the implementation and operational phases. Working together with Microsoft, CyberProof built a new cloud-native architecture integrating the Microsoft security stack – while consolidating the existing tech stack and gaining significant cost efficiencies.
CyberProof’s XDR deployment for the client and ongoing service integration with the MDR solution is fully scalable and provides continuous improvement:
- The CDC provides a “single pane of glass” collaboration platform that allows the customer and CyberProof cyber professionals to accelerate incident detection and response utilizing the Microsoft XDR security stack.
- CyberProof leverages Infrastructure as Code (IaC) for onboarding services. Treating the configuration and set-up as code automates up to 95% of onboarding tasks and dramatically reduces the transition time from legacy to next-gen SOC. Once a template is developed, it can be re-used for repetitive tasks, thereby introducing great efficiencies.