Achieving Intelligent Infrastructure Defence with LogRhythm’s Co-Pilot Service and Security Analytics
Retailers have learned hard lessons in recent years, as organizations such as Target have suffered major data breaches. In Target’s case, the compromised credit card information of 70 million customers has resulted in significant expense, lost revenues, and a damaged reputation.
With the number of detected cyber attacks in the retail sector having increased by 154 percent in just one year¹, how can retailers protect their businesses, their data, and their customers?
This is the story of how one global retailer chose LogRhythm’s security intelligence and analytics platform to take a more proactive stance in their security operations.
A Lack of Visibility and Resources
As in many organizations, the small security team oversaw a complex global IT infrastructure with vast quantities and types of inbound data, which made manual review of the daily logs and events nearly impossible.
Confronted with a lack of visibility and resources, the organization sought a solution that would allow it to centralize its logging data, correlate data points, and identify patterns to better detect and respond to security incidents.
The Best Defense is A Good Offense
The retailer adopted LogRhythm and immediately saw value from baseline security analytics capabilities and AI Engine. Soon after deployment, the security team became eager to go even further by implementing advanced custom rules. They wanted to be able to make multi-level rules that could support advanced use cases.
Thus, they enlisted help from LogRhythm’s Co-Pilot service, which paired a LogRhythm engineer with the retailer’s IT security staff. The one-on-one guidance empowered the team to achieve their goal of more intelligent rules and enabled the retailer’s security team to migrate from a reactive to a proactive stance in their security operations.
Rather than relying solely on rules designed to detect known threats, the team was able to create new rules to identify previously unknown, hypothetical threats.