Customer
The customer is a law firm in Asia that provides legal services to multinational clients and employs approximately 1,500 staff members in various locations throughout Asia.
The Challenge
The firm operates in a hybrid environment (on-premises and cloud) that spans multiple jurisdictions in Asia, with about 1,500 users accessing and storing sensitive client data daily. They needed a monitoring solution that seamlessly integrates with all their systems to guarantee security and compliance, offering real-time visibility and threat detection.
Defence Logic SIEM and Security Operations Centre
Defence Logic Security monitoring employs an SIEM (Security Information and Event Management) platform that gathers and scrutinises data from different sources, including logs, network traffic, devices, and applications.
The SIEM platform notifies the Defence Logic Security Operations Centre (SOC), which operates 24/7, of any suspicious or malicious events, such as unauthorised access, data breaches, malware infections, or ransomware attacks.
Defence Logic’s SOC offers expert skills in managing the alerts within the SIEM, filtering false positives, prioritising crucial incidents, and providing response and remediation guidance.
The law firm selected Defence Logic Security monitoring due to its simple implementation and cost-effectiveness. The firm also appreciated the fixed pricing model, ensuring they pay a set rate regardless of the SIEM’s data volume.
Solution
In collaboration with the law firm, Defence Logic oversaw the integration of Defence Logic monitoring within the firm's IT network.
DELIVERY OF DEFENCE LOGIC MONITORING
Upon settling initial arrangements, Defence Logic introduced the SIEM to the firm. With the aid of our consultants, the tool was set up and tailored to their security environment:
- 145 Servers
- 150 Desktops and remote-working Laptops
- 2 million events per day
- 200 GB / 30 days
Result
The collaboration between Defence Logic Security Monitoring and the law firm was a great success. The law firm expressed high satisfaction with Defence Logic’s offerings, which resulted in several benefits.
Firstly, their overall security was considerably strengthened, making them more resilient against cyber threats. Secondly, the SIEM deployment aided the firm’s compliance with industry regulations and standards, such as ISO 27001. Thirdly, operational expenses were reduced due to efficient event management and optimised security procedures. Fourthly, potential security vulnerabilities were mitigated, resulting in a more secure IT environment.
Lastly, the law firm now has peace of mind knowing that a trusted partner oversees the protection of their invaluable client and staff data.
Technology
The technology behind this deployment is the Graylog SIEM, enriched by Defence Logic’s unique detection rules to provide solid and bespoke security solutions. Bespoke integrations were built for several software and hardware components.