Security information and event management (SIEM) provides real-time analysis and alerts based on the conditions of a network’s hardware and software.
See the case studies below to learn how various organizations are integrating security into their networks with SIEM solutions:
1. Wonga
Wonga is a London-based digital finance company that offers responsible lending options to customers. Founded in 2007, it has grown into an innovative credit provider.
As a provider of financial services, Wonga must adhere to the PCI DSS regulations to maintain its certifications. However, with more than six million transactions processed every year, Wonga requires a modern automated security solution.
“We knew we needed one solution that could cover all the bases and that’s when we came across NNT,” says Ayo Obasanya, infrastructure manager at Wonga.
“Their solution gives us everything we need, it even identifies what has changed within the files and registries, who made that change, and if it was planned or unplanned.”
Industry: Financial services
SIEM solutions: NNT integrated SIEM, CCM, and FIM, NNT Change Tracker Gen 7 R2, and Log Tracker
Outcomes:
- Saving time and effort monitoring the network
- Brought PCI DSS compliance into the main IT security strategy
- The Log Tracker covers the entire IT estate of 750 devices
- Prebuilt hardening standards for all network devices
Read the full Wonga and New Net Technologies case study.
2. The Cologne Bonn Airport
The Cologne Bonn Airport is one of Germany’s largest commercial airports. With 1,800 employees, it sees over nine million passengers and over 740,000 tons of air freight.
Over time, the airport’s IT infrastructure had become heterogeneous, with multiple system architectures and networks needing to operate in tandem. This strained available resources and meant security analysis scans and reports were not produced in time.
“Security is the highest priority at an airport, and McAfee is an important partner for us in this regard,” says René Koch, IT security manager at Cologne Bonn Airport.
“[McAfee Enterprise Security Manager] ESM helps us in particular to create transparency and to control our IT according to the requirements. Thanks to the central management capabilities of [McAfee] ePO, we can now utilize our resources in an extremely targeted manner.”
Industry: Aviation
SIEM solutions: McAfee Advanced Correlation Engine, McAfee Enterprise Log Manager, and McAfee Enterprise Security Manager
Outcomes:
- More options for security incident response
- Results-based analysis
- Better auditing and compliance options
- Automated and targeted handling of threats and errors
Read the full Cologne Bonn Airport and McAfee case study.
3. The Energy Authority
The Energy Authority (TEA) is a public provider of power utilities across the U.S. It generates energy from a wide variety of sources, such as hydro, wind, and solar, in addition to traditional options.
With operations running every day of the week and year, TEA’s small IT team, part of 225 total employees across the country, is responsible for keeping the power on. Working with Sumo Logic, TEA not only secured its network but also simplified its employees’ operations with single sign-on (SSO) and a unified dashboard.
“Why do we choose Sumo? It started with the clicks, the CrowdStrike Threat Intelligence, the automated response, the flexible licensing, and it’s more than just SIEM,” says Scott Follick, IT director for service delivery and support at TEA.
Industry: Oil and energy
SIEM solutions: Cloud SIEM
Outcomes:
- Cloud-based and not resource-intensive
- Combines various platforms into a unified dashboard
- Built-in automation
- Single-click and easy access to resources
Read the full The Energy Authority and Sumo Logic case study.
4. Momentum Telecom
Momentum Telecom provides a variety of telecommunication services ranging from unified communication and VoIP to broadband solutions and cloud services. While it serves businesses, IT managers, resellers, and cable companies, security isn’t Momentum’s strong suit.
Looking to reduce its needs for expensive and hard-to-find security engineers, Momentum Telecom needed a SIEM solution that focused on automation and intelligence.
“We need a lot of data from different sources, and we didn’t want to have to worry about limiting the amount of data that a SIEM could examine because of how log volume-based pricing works,” says Scott Helms, VP of advanced services at Momentum Telecom.
Industry: Telecommunications
SIEM solutions: Exabeam Data Lake, Exabeam Advanced Analytics, and Exabeam Entity Analytics
Outcomes:
- Automated log monitoring
- Less brittle security efforts
- Allows employees to focus on core business operations
Read the full Momentum Telecom and Exabeam case study.
5. Canadian Automobile Association
The Canadian Automobile Association (CAA) is a federation of nine regional locations all over Canada. It provides emergency roadside services, insurance, travel, and various automotive offerings to its 6.5 million members.
In an unusual scenario, five of the CAA locations combined their funds to purchase high-end SIEM and logging systems. As a nonprofit with a limited budget, pooling funds was the only way for the CAA to get the security it needed to serve its members.
“We all needed the same functionality, but the cost of each club purchasing its own product just didn’t make sense,” says Paul Schubert, director of technology service for CAA Saskatchewan.
“With LogRhythm, we got the complete package without the need for customization.”
Industry: Automotive
SIEM solutions: LogRhythm’s NextGen SIEM Platform
Outcomes:
- Easy and quick implementation
- Deployments take 40 hours between the five clubs
- Fixing little problems faster
- Detecting hidden problems effectively
Read the full Canadian Automobile Association and LogRhythm case study.