Case Studies

Home » » Case Studies » The Journey from Upgrading Endpoint Security to a Modern Autonomous SOC
Share

The Journey from Upgrading Endpoint Security to a Modern Autonomous SOC

While the initial plan was to update endpoint security, the result for a global financial services enterprise was much more—a single platform modern SOC, with automated and AI-enhanced security and the capability to expand in the future. Comport’s recommendation to evaluate Palo Alto Networks’ Cortex technology combined with Unit 42’s global threat detection and incident response expertise enabled the organization to achieve a unified, comprehensive security solution that effectively addresses current threats and future cyber challenges.

SOC Picture

Background

A global financial services leader in the NYC metropolitan area recognized the need to minimize business risk by updating their 10-year-old endpoint security, which included desktops, laptops, mobile devices, and virtualized machines. With the increasing sophistication of cyber threats and the growing number of devices connected to their network, their existing security could be inadequate, potentially exposing sensitive financial data to breaches and cyber-attacks.

To address this issue the organization embarked on a program to modernize its endpoint security. Initially, a best-of-breed approach was considered. However, this required complex integrations of their existing and new solutions, as well as ongoing maintenance of these integrations. Comport and its partner Palo Alto Networks changed the conversation from an endpoint security tool to a single platform, unified vision with a roadmap to a comprehensive end-to-end security solution. This collaboration focused on Palo Alto Networks’ Cortex technology, known for advanced capabilities in threat detection and response.

Competitive Evaluation and POC

The organization undertook a rigorous six-month competitive evaluation of the industry-leading endpoint security vendors. Following this evaluation, a three-month Proof of Concept (POC) was conducted to test Palo Alto Networks’ Cortex technology. This POC sought to determine essential factors, including:

  • How Cortex’s APIs integrate with their existing security ecosystem.
  • How Cortex’s automation and orchestration could streamline operations.
  • The quality, comprehensiveness, and usability of Cortex reports.
  • The efficiency of deploying Cortex across various 100,000 endpoints.
  • Scalability for future endpoint growth.
  • Confidence in the reliability, robustness, and effectiveness of Cortex in their environment.

Results

The successful competitive evaluation and POC validated Comport’s recommendation to consider Palo Alto’s single platform, unified security solution. The client team was impressed with how Cortex XDR employs machine learning models to analyze telemetry data from endpoint, network, cloud, and third-party data, creating a comprehensive view that is scalable for growth. Behavioral analytics identify abnormal behaviors that may indicate a threat, such as unusual login times, unexpected file modifications, or atypical network traffic patterns.

The client also included Palo Alto’s Unit 42 to analyze global threat data and identify new attack techniques and trends.  Unit 42 enables swift responses to security incidents by identifying the cause of breaches, executing threat containment, with strategies to prevent future incidents.

Some costs were offset by legacy applications such as Sophos, Trelix and several Microsoft services that were no longer necessary.  The customer’s investment in an existing Palo Alto firewall was leveraged in the solution (although other firewalls will also integrate easily).

Conclusion

This case study underscores the importance of Comport’s role as an IT partner to bring forth the best technical solution and to facilitate leadership and executive team partnerships amongst all parties.  This approach enabled a transition from a disparate set of tools to a cohesive security platform.

The combination of Cortex XDR’s telemetry and AI capabilities with Unit 42’s threat intelligence and incident response expertise provides a superior solution for detecting and preventing cyber-attacks. The client gained unified, automated and orchestrated cyber security leveraging advanced technologies, expert threat intelligence and incident response to reduce risk and safeguard their business. The financial services organization can now effectively mitigate advanced cyber threats, streamline security operations, and ensure the safety and integrity of sensitive financial data.

The impact of the Palo Alto solution was immediate and dramatic.  Their operations were catapulted into next generation security, with consequential and positive benefits.”  Joe Zinna, Vice President East, Comport

 

Related Posts

Transforming Healthcare with HPE GreenLake Architecture

Read More

ZTNA vs VPN: Rethinking Secure Access

Read More

How HPC Solutions are Revolutionizing Healthcare

Read More

Extend the capabilities of your IT team with Comport’s technology services and solutions.

Contact an expert

Proud Partners

Follow Us

© 2024 Comport Technology Solutions

                        Register Below

                        [text* first-name placeholder "First Name" akismet:author]

                        [text* last-name placeholder "Last Name" akismet:author]

                        [email* email placeholder "Email" akismet:author_email]

                            ComportSecure Streamlines Managed IT Services

                            Take advantage of ComportSecure’s comprehensive managed cloud services and team of experts to transform your cloud. Contact us today to take your cloud solutions to the next level.