The challenge
Securing an environment that is split across two continents is a massive and complex undertaking. As part of ongoing efforts to continually evolve its cyber defenses, the utility company deployed an industry-leading endpoint security solution across its extensive environment. However, the initial configuration settings, combined with the complexity and scale of the transcontinental infrastructure, generated thousands of alerts that quickly overwhelmed the in-house SOC teams.
The situation provided an opportunity not only to stem the barrage of alerts, but also to improve alerting priorities and fully integrate response playbooks into the SOC teams' processes.