1 / 18

RSA Big Wins Industry Use Cases

RSA Big Wins Industry Use Cases. Security Analytics/GRC. RSA PARTNER USE ONLY. Financial Services . RSA Solution(s) : Security Analytics Customer Background: Large bank in U.S. with over $1 trillion in assets & 250,000+ employees Serves over 70 million customers Deal Size : $3 Million

dalit
Télécharger la présentation

RSA Big Wins Industry Use Cases

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA Big WinsIndustry Use Cases Security Analytics/GRC RSA PARTNER USE ONLY

  2. Financial Services • RSA Solution(s): Security Analytics • Customer Background: • Large bank in U.S. with over $1 trillion in assets & 250,000+ employees • Serves over 70 million customers • Deal Size: $3 Million • Customer Pain Points: • Third party performed a security assessment, with number one finding being lack of network visibility • Limited visibility into threat behavior and targeted attacks • Needed comprehensive network visibility to reduce attacker free time and associated remediation activities • Positive Business Outcomes: • Extensive visibility into all activity on Internet links for 4 largest datacenters in U.S. • Protection of company brand • Competition: Homegrown applications & manual efforts

  3. Financial Services • RSA Solution(s): Security Analytics & Education Services • Customer Background: • Insurance company that offers multiple products to protect, preserve, and grow personal finances • 6,400 employees and $100 million in assets • Deal Size: $230K • Customer Pain Points: • Customer had limited visibility into threat behavior and targeted attacks • Customer had gone through a POC for packets in 2010 but could not come to terms on price; RSA reengaged two years later and covered the Security Analytics story, which was well-received • Positive Business Outcomes: • RSA went into a competitive RFP against Solera, ultimately providing a deep dive technical review and price analysis. RSA was able to win the deal with these competitive advantages: • Fusion of live threat Intel • Flexibility to add customer parser as the customer’s business changes over time • New Hybrid technology gave RSA the required bandwidth to make the price competitive • Customer now has extensive visibility into all activity on Internet links for its 2 largest datacenters in the U.S. • Protection of company brand • Competition: Solera

  4. Financial Services • RSA Solution(s): Security Analytics, packets only, for main 2 sites • Customer Background: • Major insurance company in the Fortune 500, offering a diverse set of products including personal auto and homeowners insurance. • Largest segment is commercial property/casualty insurance to both small and large businesses • Deal Size: $300K • Customer Pain Points: • Customer had a growing security team and a maturing program, with recent highly publicized breaches in the insurance industry catching the eye of the executive team. • A new CISO was brought on board to help build out a SOC and reduce risk exposure, but despite a recent investment in logging technology, it was evident that a gap still existed in the customer’s ability to detect and stop advanced malware or identify other areas of operational risk. • Positive Business Outcomes: • Executive Briefing held with the CISO at the EMC CIRC, which helped influence the deal. • With the addition of full packet visibility, the customer is now able to detect high risk activity in its environment, increasing the efficiency of security analysts. • Competition: Nitro, Splunk

  5. Health Care • RSA Solution(s): Security Analytics for Logs, Security Analytics Warehouse, and Professional Services • Customer Background: • Diversified managed health care company based in the U.S. that offers a variety of products and services • Services approximately 70 million individuals nationwide • 95,000+ employees and revenues of over $100 billion • Deal Size: $3.1 million • Customer Pain Points: • An existing enVision customer that had recently purchased NetWitness; realized early on with tight alignment from RSA that Security Analytics would take its security program to the next level • Customer was experiencing issues like waiting for ad hoc reports to run overnight and the visibility of attacks and suspicious behavior was too reactive. There were also general operational challenges with dated enVision design • Positive Business Outcomes: • With strong RSA PS involvement, the Partner now has improved analytics for executive level information, stronger integration with its Incident Management process in Archer, and less time building templates and custom reports • Competition: Splunk

  6. Gas/Energy Company • RSA Solution(s): Security Analytics for Logs & Packets, Security Analytics Warehouse, Archer AIMS (Incident Management) • Customer Background: • Large independent oil and gas exploration company in Europe • Close to 5,000 employees • Over 86 licenses in 22 countries • Deal Size: $1 Million • Customer Pain Points: • Customer reached out to third party consultant for evaluation, understanding the changes in the threat landscape; NetWitness used in investigations • Customer had previously suffered a security breach, having a very small security organization • Customer did not have enough resources and skills to manage their security operations to prevent advanced threats; needed additional resources through a Managed Services offering • Positive Business Outcomes: • Customer has an onsite SOC, as well as an off hours offsite SOC, fully managed 24X7 by an RSA Partner in EMEA. This provides ongoing threat mitigation & incident management for targeted threats. • Competition: Detica Treidan (Arcsight-based services with homegrown packet solution)

  7. Gas/Energy Company • RSA Solution(s): Security Analytics & NetWitness physical and virtual appliances, Implementation Services • Customer Background: • Independent energy company in the U.S. that explores for, develops, and produces natural gas, crude oil, and natural gas liquids • Onshore and offshore operations globally • $17B revenue in 2012 with 6,000+ employees worldwide • Deal Size: $460K • Customer Pain Points: • Customer had no corporate IT security organization and minimal tools and processes in place to address the network threats; hired first IT Security Director in 2012 • Limited perimeter defenses and minimal SIEM functionality; no visibility into network activity or the effectiveness of the tools they were using • Positive Business Outcomes: • RSA Proof of Concept around NetWitness assisted in closing the deal • Customer now has formalized approach to breach readiness with real-time visibility and situational awareness of network traffic and potential threats worldwide • Increased awareness of IT security within executive management • Competition: Solera

  8. Telco • RSA Solution(s): Security Analytics • Customer Background: • Third-largest telecom service provider in the country, with 7.6 million wireless subscribers, 3.5 million wireline customers, and 1.3 million internet users • Serves over 70 million customers • Deal Size: $470K • Customer Pain Points: • Customer needs to monitor all network activity for fast investigations; previously had limited or no visibility into network activity • Positive Business Outcomes: • Impressive Proof of Concept convinced customer to choose RSA solution • Customer now has ability to detect potential threats or attacks in real time • Rapid full packet capture, rich threat intelligence and context, and rapid investigative capabilities • Competition: Solera

  9. Telco • RSA Solution(s): NetWitness Decoders/Concentrators, Brokers, Informer appliances and Archer.  • Customer Background: • State-owned company in Asia Pacific that runs international telecommunications infrastructure, including international gateways, satellite, and submarine cable networks connections • Over 5,000 employees • Deal Size: $500K • Customer Pain Points: • Customer had purchased more than 70 IPS appliances to detect advance threats; however, the setup failed as too many incidents were generated and there was no consolidated view in multiple sites • The IPS’s also could not keep up with the 10Gbps traffic that was being pumped through the gateway • Positive Business Outcomes: • Impressive Proof of Concept convinced customer to choose RSA solution • Customer now has ability to discover specific attacks quickly and identify its source • Customer was highly impressed with the scalability and real time responsiveness of NetWitness • Competition: e-Detective, Narus, BlueCoat, WebSense, local Security vendors

  10. Government Agency • RSA Solution(s): NetWitness Decoders/Concentrators, DACs, Spectrum appliances, Brokers, Informer appliances • Customer Background: • Department of National Defense, which is the largest government agency in terms of both budget and staff in the country • Deal Size: $1.3 Million • Customer Pain Points: • Had purchased smaller S3 deployment with limited number of egress points; customer struggled with the performance and limited meta capabilities of their legacy NIKSUN NetVCR infrastructure and needed a massively scalable architecture network • Had suffered from publicized “data loss” over the past 2 years • Looking for visibility and deep dive analysis for captured data and historical datasets(PCAPs) in “top secret” classified environment • Positive Business Outcomes: • Expanded capability with current hardware • RSA becomes the de-facto standard at DND for packet capture, security monitoring, and analysis of the network, providing: • Detailed reporting, rapid forensic query, ability to capture large amounts of data ranging from standard and unique protocols, import of historical PCAP files for detailed analysis and investigation in a timely manner • Competition: NIKSUN (NetVCR/NetDetectors)

  11. Government Agency • RSA Solution(s): Security Analytics for Packets and Logs, SA Warehouse, and Professional Services to implement, integrate with, and eventually replace the current NetWitness and enVision environment • Customer Background: • Largest government agency in U.S. state responsible for health and human services (Medicaid, Health Insurance, Disaster Assistance, etc.) • Deal Size: $1 Million • Customer Pain Points: • Had been NetWitness customer for 2 years and an enVision user (in addition to Archer, DLP, and SecurID) • Customer saw significant security improvements with NetWitness and wanted to expand to accommodate increased network traffic and begin monitoring lateral movement within its network • Customer also wanted to increase logging and reporting for major network firewalls, but enVision was already at capacity • Positive Business Outcomes: • Customer now has visibility into lateral movement within its core network, plus the capacity to meet increased logging workload • Customer also had ability to use more sophisticated analytic techniques to better assess and approve its IT security posture • Competition: 21CT, Splunk

  12. Government Agency • RSA Solution(s): Security Analytics, PS & Education Services • Customer Background: • Public company owned by state government • Responsible for roughly 60% of the electrical generation in the state, including nuclear, hydroelectric, wind, solar, and fossil fuel • Deal Size: $436K • Customer Pain Points: • Customer had managed services contract with BT Counterpane that provided limited visibility and reporting • Positive Business Outcomes: • Customer went with an RSA Strategic Alliances Partner to provide full visibility into its environment with a more detailed level of service • This solution will allow the RSA Partner to potentially bring some of its other clients to Security Analytics as well • Competition: Competitive vs. existing BT Counterpane contract

  13. Government Agency • RSA Solution(s): Security Analytics Hybrid for Logs and Hybrid for Packets • Customer Background: • A uniformed organization in Asia Pacific under the Ministry of Home Affairs that is responsible for the country’s prison services • Deal Size: $390K • Customer Pain Points: • Customer wanted to collect logs from different devices and correlate this information with the network session information to identify security incidents • Customer had no logs collection capability and wanted to implement a SIEM solution as a first step to their SOC • Positive Business Outcomes: • Customer visited RSA Executive Briefing Center and went through the RSA solution presentation of a SOC, which at the time was just NetWitness • By choosing Security Analytics, customer can now correlate logs from 3 different domains while minimizing the equipment needed • Customer is able to comply with government regulation and also identify real time attacks that are targeted at the home service • Competition: Splunk, Nitro Security

  14. Credit Consultancy Firm • RSA Solution(s): Security Analytics (Logs), Archer Incident Mgmt (AIMS) and Implementation Services • Customer Background: • Provides data and analytics tools to organizations globally to help manage credit risk, prevent fraud, target marketing offers, and automate decision-making • Deal Size: $390K • Customer Pain Points: • Customer was building out its SOC and had limited SIEM functionality • Customer’s primary primary goal was PCI compliance, but also wanted to position log collection for security needs and bring on packet monitoring in next phase • Positive Business Outcomes: • Customer now has real-time visibility and situational awareness into log events • The cornerstone is now set for bringing in Security Analytics capabilities on the log side, along with advanced intel and analytics and the preparation for future packet analysis capabilities • Competition: Splunk, Q1

  15. Software Developer • RSA Solution(s): MSS for Legacy NetWitness installation (Packets)  • Customer Background: • Develops security software that protects PC’s against spyware, pop-ups, and email spam • Customers include corporations, ISPs, educational institutions, and public sector agencies • Deal Size: $540K • Customer Pain Points: • Customer has been a NetWitness customer since 2012, but struggled to manage the enormous amount of data/intelligence monitored by its existing NetWitness deployment. • Customer would have needed to invest in additional resources to build out a security team, so opted to choose a Managed Services option • Positive Business Outcomes: • Customer can now be assured that an experienced SOC team is monitoring their environment and alerting them only when investigations are warranted • Customer can focus on its core competencies • Competition: N/A (smaller players ruled out early in process)

  16. Defense Manufacturer • RSA Solution(s): Security Analytics (migration from enVision) • Customer Background: • Manufacturer for civil helicopters and parastatals (police and emergency services) • Revenues of 6.3 billion euro in 2012 • Deal Size: $540K • Customer Pain Points: • Customer was running enVision for 4+ years, not satisfied with the overall performance • Customer had limited to no visibility into network activity, which was critical being in the defense sector. There was also poor investigation and reporting with the existing enVision deployment • Positive Business Outcomes: • RSA delivered 2 POCs that greatly influenced the deal (SA Packets & SA Logs) • Customer can now detect potential threats/attacks in real time, including a 10x log performance increase • Customer now has cross investigation capabilities with logs and packets • Competition: Cassidian (internal EADS security solution & service provider)

  17. Defense Manufacturer • RSA Solution(s): Security Analytics Tech Refresh for 2 sites • Customer Background: • Global defense, aerospace, and security company that offers products and services covering air, land, and naval forces, as well as advanced electronics, security, IT, and support services • Employs 94,000 people worldwide • Deal Size: $364K • Customer Pain Points: • Existing NetWitness customer that had growing big data issues and required an upgrade to Security Analytics from its older 1200 series packet capture equipment • Positive Business Outcomes: • RSA worked with a SecurWorld Partner to implement a phased approach, selling S4 gear to 2 sites as phase one of a three step expansion plan • The customer now has better overall performance for data recovery and enhanced storage, particularly regarding Incident Response (IR) time • Competition: N/A

  18. THANK YOU

More Related