Challenge
The customer, a global manufacturing conglomerate with five distinct business units, had been working with a Managed Security Service Provider (MSSP) that didn’t meet the level of service and accuracy in delivery that they required to defend their network from cyberthreats. Each business unit had its own Splunk Enterprise Security environment that had been set up and managed independently. The customer needed to normalize data ingestion across all five business units and combine five Splunk instances into one that could effectively monitor, manage and detect security events, validate them, and promptly respond to them.
The CISO, an experienced cybersecurity veteran, understood the need to stay ahead of the threats impacting their business.
Solution
The customer selected Deepwatch to normalize and standardize log and data ingestion across all five business units and combine it all in one overarching Splunk environment. We began the engagement by evaluating each business unit’s security posture utilizing the Deepwatch Maturity Model. Once a base maturity score was set for each business, and the conglomerate as a whole, the team went to work.