Our client is one of the largest banks in the ASEAN region, providing a full suite of products and services for both the retail and corporate markets, such as lending, deposit, brokering, investments, credit card, and remittances.
including DENIAL OF SERVICE and PHISHING use cases
all with continuous asset management, context management, change management, and alert management
The future of computing promises more scale, more complexity, and certainly more change, all at great speed. Because of this transition, the odds increase every day that any organization will have a major technology incident, created internally or externally. Without a predictable way to respond to incidents, any organization—growing or mature—is at risk.
For our banking client, which delivers essential financial services to millions of customers and operates in an industry that is always highly targeted by bad actors, it was business-critical to have a modern incident management system that is fast and reliable against the changing threat landscape. To improve their cyber defense capabilities, they had made significant investments in cybersecurity tools and software. They wanted to ensure the incident management platform could holistically analyze large volumes of diverse data events from diverse sources, and minimize repetitive manual analysis and triage in their security operations center.
Human Managed’s cloud-native and data-agnostic platform continuously collects logs, metrics, events, and alerts data from the client’s IT and security systems, such as endpoints, cloud resources, network devices, software, and servers, which generate as many as 15 billion events per month.
After cycles of data analysis, the platform generates contextualized intelligence and recommendations for internal users, executives, and engineers to reduce cyber threats and optimize cyber operations.
The alerts generated by the Human Managed platform are monitored and triaged on a continuous basis to enable the client to quickly and efficiently validate, investigate, and respond to issues, incidents, and cases. Human Managed provides actionable remedial recommendations and, where applicable, takes remedial action on security devices or security applications to perform rapid exposure containment and minimize business impact.
The HM platform runs multiple depths of analysis on the client’s processed data and events, consisting of conditions, correlation rules, machine learning algorithms, and business intelligence, to detect and alert on suspicious or anomalous activities occurring on the client’s 77,000+ assets.
The threat incident management service outputs insights, intel, decisions, and actions on the client’s custom cyber threat use cases, including ransomware, phishing, denial of service, and attack surface management.
The intel and recommendations are sent on demand as reports, notifications, and dispatches to the client’s operators, analysts, and executives.
INSIGHTS:
Detected cyber threat tactics and techniques such as compromised assets, internal threats, external threats, and malware.
INTEL:
Metrics and trends on cyber threats, anomalies, and suspicious behaviors against the client’s baseline and external patterns.
DECISION and ACTION:
Recommended steps to fix and remediate prioritized issues and incidents.
...and more!