Enterprise Networks; Accelerate Forensic Investigations
ISC8’s Cyber NetFalcon® delivers advanced queries spanning months over terabytes of Big Data can be displayed quickly to examine detailed forensic information once malicious activity has been detected. The Cyber NetFalcon® system provides unmatched coverage and long-term tracking of user applications, networks and devices to strengthen cybersecurity operations for enterprises, network operators and government agencies. The system provides a highly scalable architecture that can grow to meet the long term storage needs of the largest networks. Advanced queries spanning months over terabytes of data can be displayed quickly to examine detailed forensic information once malicious activity has been detected.
This case study describes a large manufacturing and real estate development company with about 3000 employees. The company is engaged in the manufacture of construction materials and related products and in civil construction and real estate development. It also provides office-leasing services.
Because of the nature of their business, the company responds to a large number of government bids. This information is quite sensitive, so the network security team is very concerned about protecting their proprietary and confidential information. The customer needed to accelerate their investigations into breaches as they occurred, with a goal to identify individuals responsible for data breaches within one hour.
Since the installation of Cyber NetFalcon, the customer was able to identify an employee responsible for multiple data breaches and information leakage. Cyber NetFalcon also improved visibility into network usage and policy violations, which triggered an update to the corporate security policies to provide better protection for intellectual property and proprietary corporate information.