About the customer
This customer provides a unified omnichannel marketing platform that has been supporting businesses with orchestrated customer engagement. With a strong presence within the online gaming industry, the customer had quite a few instances of client overlap with Claranet Cyber Security.
As well as online gaming, the customer also held major contracts in the high-end fashion space. The diverse, seasonal nature of the fashion industry makes it such a competitive market that it is imperative that marketing platforms such as the one provided by the customer continue to be relevant, with customers typically utilising multiple interaction points, from web/mobile applications and social media to email and push-SMS. By engaging on a personal level with every customer, they create a much closer tie and build strong customer loyalty.
The customer held major contracts that made it compulsory to start logging within their customer data environments. They had tried creating a small log store using open-source technology, but soon realised they didn’t have the time or internal resources to build and maintain it, or the in-house expertise to monitor effectively. The team felt they were becoming snowblind due to the sheer volume and inaccuracy of logs. With all of their customer data environments being hosted on AWS, a further challenge arrived when the clients in question insisted that the logs must also reside with AWS, as previously the customer had tried to reduce costs by hosting this on-prem.
After completing an Initial Needs Analysis, Claranet positioned AlienVault USM Anywhere, as it is a SaaS tool that utilises localised AWS stores based on the geolocation of the sensor, meaning the customer data residency requirements were met.
Because the SIEM platform is delivered as SaaS, the technology is fully maintained, with regular releases of new features that allow the service to stay ahead of trends. That leaves only the onboarding, configuration/tuning and monitoring, so internal teams can be freed up to focus on what’s really important: threat management.
The customer onboarded on a 14-day POC license, during which Claranet performed the initial onboarding and configuration as well as ongoing management and support. Claranet onboarded the whole AWS estate, including logs from GuardDuty, CloudTrail, S3 buckets and EC2 instances, in order to provide holistic logging that draws on native security tooling as well as third-party security technology such as perimeter firewalls.
Claranet positioned Managed Detection and Response to cover the ongoing management of the platform, continued support and onboarding of new log sources, and assisted with the review of logs to ensure that the customer’s team was focused on prioritising the correct type of threat. Within this two-week Proof of Concept period, the customer decided that their security requirements were better met through our service than by burdening their internal team of engineers, who could be relieved of some security responsibilities and focus wholly on their day-to-day operations.
Results and benefits
With the newfound clarity provided by monitoring across the estate, the customer was able to quickly respond to any new threats and alerts, with Claranet’s team on hand to notify and provide remediation advice, and to ensure that there were no data breaches, with full visibility across their whole data estate.
The customer not only retained their own clients that insisted upon the logging requirements but was also able to successfully bid for further new contracts, allowing them to recognise an ROI not only from cost savings in terms of resource and time but also in actual new business and profitability.