Security Tools: Microsoft Sentinel, Microsoft Defender for Endpoint, RSA Netwitness Packets
Description of Pain or Challenge: Various agencies using different security tools, leading to technology sprawl and no centralized SOC. Concerns arose due to diverse attack types and the lack of a central SOC to handle alerts and remediation tasks.
Solution Overview: Lumifi deployed a central security technology stack with Microsoft Defender for Endpoint and Microsoft Sentinel. A central SOC was established to migrate various technologies into this unified stack, ensuring comprehensive alert management and investigations. Lumifi recommended retaining Netwitness for packets to maintain network visibility.
Agencies were consolidated under a unified security instrumentation, resulting in increased response and reduced visibility gaps. The experienced SOC provided invaluable support, avoiding task shortfalls and negative outcomes. Lumifi's expertise and tools, including Shieldvision and Microsoft Security tools, along with seasoned Packet experts, played a pivotal role in achieving success.
Technology Description: ShieldVision, Microsoft Security tools expertise, and Packet experts with over a decade of experience.