Major Defense Contractor

Major Government Defense Contractor Speeds Incident Response with Blue Coat

When the Senior Cyber Defense Engineer for a major government defense contractor found himself continually telling management he couldn’t prevent or even explain the barrage of security incidents they were experiencing, he set out to find a solution. What he found was the network forensics capabilities of the Blue Coat Security Analytics Platform, which finally provided the answers he was looking for to the tough questions, such as “How did this happen?”, “Who did this to us?”, “What systems were impacted?”, “Is it over?”, and “Are we prepared if this happens again?”

Challenge

Getting the visibility they needed to quickly resolve security incidents

Despite having “best-of-breed” security tools that claimed to provide complete network defenses, they had no visibility into what was actually crossing the network. For example, their last line of defense – the endpoint firewall – was not only unable to prevent zero-day threats, but couldn’t even show them what had been compromised. They needed a comprehensive solution that could make sense of the “unknowns” and give them concrete answers to the questions they had around their security incidents.

Solution

The Blue Coat Security Analytics Platform

The Incident Response Team put the Blue Coat Security Analytics appliance to the test, and the results were immediately clear. “With one click, I instantly had my answers and was able to quickly complete investigations,” the Senior Cyber Defense Engineer reported. With Blue Coat, the team could quickly search on an infected machine’s IP address, narrow the time slice and then drill down into the payload to see exactly what was going on and get the answers they needed.

Benefits

  • Visibility – finally understand exactly what is going on to get the answers they need to the tough questions around an incident
  • Accelerated Incident Resolution – reduced time to resolve an incident by 75%
  • Enhanced Security – have the ability to adjust policies, improve security education and fortify the network in other ways to better protect the business