Cloud-based Services Company Reinvents Cyber Incident Response
Under Constant Attack
From denial of service to phishing attempts and attacks on web apps, today’s cyber threats are many, sophisticated, and constant.
The CISO of one cloud-based services company was looking to improve the way cyber incidents were managed, to accelerate the time it takes to understand whether a security alert requires action or investigation, and – if requiring action – to gather the team as quickly as possible and expedite response and resolution.
The team had in place tools such as Slack, Jira, Google Docs, and email – each serving communication needs very well. However, the security team needed to be able to coalesce all the information contained in these communications in a timely and automated manner.
This was the key to better understanding the needs
of the incident, and to improving response efficiency
and efficacy.
The company selected Exigence to help them get to containment faster than ever. Now they can gather the incident team in a matter of minutes vs. hours. With all relevant incident stakeholders in the Exigence Situation Room, they can organize an effective plan and share information throughout the process.
The Situation Room, thus, helps them ensure that everyone is always on the same page and removes a great deal of the load that is typically placed on the incident investigator.
Moreover, with the ease of documentation afforded by Exigence, the security team has eliminated the time that used to be wasted on documenting incidents (including false alarms), and have streamlined post-mortems by leveraging the Exigence Timeline.
Containment & Beyond
