Manufacturing Case Study

Description of Pain or Challenge: Manufacturers often have a disproportionately large data environment in contrast to their in-house staff. Risks affecting supply chain and business operations pose a serious threat to manufacturers, as they can be exposed through any number of the IT systems critical to maintaining effective supply and distribution of materials. Implementing a solution that fills the time/resource gap of the security team and provides detection and response capabilities across critical assets is imperative to a successful MDR program.  

Solution Overview: Competing with nearly 8 other MDR providers, Lumifi was able to offer the most comprehensive solution to address the requirements for this organization. Lumifi was able to couple its client-centric services with an ecosystem of industry-leading technologies to address the primary needs of the customer.

Services Description:

Technology Description:

Legal Organization Case Study

Challenge:

The success of a legal practice requires a focus on reputation management and nurturing the relationships that exist between the firm and their clients. Compared to other industries, the legal sector has an elevated risk of cyber threats primarily due to the confidential data and sensitive client information available to an attacker. Cybersecurity is not often at the top of the priority list because offices are filled with lawyers, and not IT teams. Considering this, the challenge becomes protecting sensitive data with limited skills and resources.

Solution Overview: 

For this organization with limited resources, partnering with a Managed Detection and Response (MDR) team became critical in protecting corporate IP. The client in this study also wanted to consolidate technologies and re-platform in the cloud. Lumifi worked with the client on moving them from RSA SIEM to Palo Alto Cortex XDR with the Data Lake. Content from the decommissioned system was ported to the new cloud-based environment. Lumifi continued working with the client as its MDR provider, successfully maintaining the firm's security posture.

Services Description:

- MDR Service for 24×7 Alert Monitoring and Threat Validation
- Incident Remediation and Forensic Analysis
- Migration of existing content package to Cortex platform
- Tuning/Filtering of Alerts
- Custom development of parsers, rules, alerts, API integrations, reports
- Full management of supported technology
- Automated Threat Response (SOARaaS) – complementary to Palo Alto XSOAR functionality
- Advisory/consulting support for detection and response strategy

Technology: Palo Alto Cortex XDR with Data Lake

Financial Organization Case Study

Description of Pain or Challenge: The financial services industry is one of the more mature markets requiring cybersecurity. Smaller financial services firms typically have a limited team coupled with an advanced environment. In this case, the customer was looking for an MDR provider that could be a true partner and function as an extension of their team. The Lumifi team took the time and effort to diligently evaluate and invest in the best security products for this organization. The customer needed an MDR provider to not only fill the time and resource gap of threat management, but also create an operationally effective security ecosystem.

Solution Overview: Lumifi was able to offer the most comprehensive solution to address this customer’s requirements through their expertise and client-centric delivery model. Delivering the MDR service through a transparent and shared environment allowed Lumifi to work with this customer’s security team to develop and execute a vision of an integrated security platform.  This customer experienced a reduced time to detect, reduced time to respond, avoided false positives, and was able to save critical time and assets for their business endeavors. 

Services Description:

- 24×7 Alert Monitoring and Threat Validation
- Incident Remediation and Forensic Analysis
- Tuning/Filtering of Alerts
- Custom development of parsers, rules, alerts, API integrations, runbooks/playbooks, reports
- Full management of supported technology
- Automated Threat Response (SOARaaS) – complementary to Sentinel SOAR functionality
- Advisory/consulting support for detection and response strategy

Technology Description:

- Microsoft Sentinel for log visibility into Microsoft services and critical applications/systems
- Microsoft Defender for Endpoint