ProtectWise customers are in the unique position to realize value from commercially available threat intelligence while also customizing and tailoring intelligence that’s most relevant to their organizations. Last week we hosted the “Eliminate One-Size-Fits-All Threat Intel with BYOI” webinar, where we polled our audience a few times. One of the questions was about the ability to tune/customize threat intel and the results are presented below.
This is consistent with our expectations when we started building BYOI (Bring Your Own Intelligence) capabilities into The Protectwise Grid™. Commercial and 3rd party products are “black boxes” that organizations are not necessarily able to customize to use the threat intel that they want. Even in situations where organizations can technically do some tuning, the process is onerous and takes time and resources which are in short supply at many organizations. I went through a demo in the webinar that shows how easy it is to take advantage of the new BYOI capabilities to add rules, import rules, map them to the different stages of the Cyber Kill Chain, ensure that they are validated before putting them into production, and so on.
We were also very fortunate to have Dave Ruedger, Director of Cybersecurity Operations and Chief Security Architect at Maxim Integrated on the webinar. Maxim Integrated is a publicly traded, global semiconductor company with operations in 43 sites worldwide. They are in the process of transforming from a purely manufacturing organization to a primarily technology company where they do the design and testing, which is then handed off to partners for manufacturing (i.e., a fabless model). What this means is that Maxim Integrated is very focused on protecting the data, as their intellectual property is the key to their business.
Part of the transformation has been looking at how they can optimize their infrastructure and operations to better leverage newer technologies like the Cloud. The ProtectWise Grid, which runs entirely from the cloud and provides visibility about on-premises environments and public and private cloud environments, was a natural fit in this transformation.
In the webinar, Dave goes into great detail about why they selected ProtectWise, how The ProtectWise Grid is being used to aid Maxim Integrated in its transformation (even enabling it to get by without a SIEM!) and how the new BYOI capabilities allowed them to identify next gen Powershell threats in their network. I’ve always been very interested in hearing how customers use our platform and this story does not disappoint.
If you missed the live event, make sure to check out the on-demand version.
Next blog post