ITC Infotech acquires Blazeclan Technologies to enhance Multi-Cloud services and fast-track digital transformation

Learn More
ASEAN
Contact Us

Security Operations for a major Investment firm in ANZ region

Business Requirement & Challenges​

An industry leader in Investment specialist providing financial advisers, wealth managers and high net worth offices in ANZ region wanted to consolidate security incidents from their multiple accounts in the AWS Landing Zone along with different set of security tools stack. Planning to have automation in place for responding effectively to certain security findings, the customer wanted to have security controls to reduce the time taken in the manual response process. They also wanted to strength the overall security posture of their environment by mitigating the risks by fixing all the open vulnerabilities.​

  1. Wazuh Vulnerability Management.  ​
  2. Wazuh SIEM​
  3. Network Firewall.​
  4. Threat Intelligence.​
  5. Governance, Risk and Compliance of AWS accounts​
  6.  Cloud resource performance​  ​

Solution Provided ​

  1. Wazuh SIEM solution provided with integration with all the accounts in the landing zone and various security tools like DLP, EDR, WAF, etc. ​
  2. Wazuh Vulnerability Management to scan all the resources in the environment for vulnerabilities and help mitigate the risks associated with it.​
  3. Wazuh scan all the resources in the cloud to meet standards like ISO 27001, etc.​
  4. Threat Detection based on the MITRE ATT&CK framework that provide high level overview of the tactics and techniques occurring in devices monitored by Wazuh agent on all accounts.​
  5. Sophos Firewall which combines robust protection , performance and adaptability to safeguard their network effectively.​
  6. Implement Amazon CloudWatch to provide actionable insights, reliability and operational excellence for monitoring their AWS resources.​
  7. Implement AWS CloudTrail to monitor, audit, and retain account activity associated with actions across their AWS Infrastructure, enhancing security and compliance​

Business Benefits​

  1. Automated the Security Operations.​
  2. Next generation tools to automate quick remediation of the cyber-threats.​
  3. Customized compliance dashboards.​
  4. Complete Vulnerability Management solution to mitigate risks.​
  5. 24*7 Real time threat monitoring based on the MITRE ATT&CK framework.​
  6. Protection from attacks on the network.​

Outcome/Results​

  1. Enhanced Threat Detection which improved the ability to detect and respond to cyber threats promptly.​
  2. Risk Mitigation through continuous monitoring of the vulnerabilities ​
  3. Improved performance, increased IPsec VPN throughput and protection from attacks on the network.​
  4. Enhanced logging and monitoring approach on CloudWatch allowed quick identification diagnosis and response to workload issues​ ​

Technology Stack​

  1. Wazuh SIEM and VM.​
  2. Amazon CloudWatch.​
  3. AWS CloudTrail.​
  4. Sophos Firewall.​

PUBLISHED: 14th November 2024

Share This Article