Case Study
Cloud security transformation—Global travel tech company strengthens security posture with cloud-native threat monitoring solution
OUR CLIENT
This European technology company provides global travel and tourism software solutions. It caters to travel agencies, hotels, resorts, airlines, and other related businesses and strives to help clients optimize operations and enhance customer experiences. With nearly 20,000 employees in more than 100 offices worldwide, the company generates approximately $5 billion in annual revenue.
THE CHALLENGE
Cloud transformation required new, cloud-native approach to cybersecurity
The company was embarking on an enterprise-wide cloud transformation as it migrated its application footprint to the cloud. The IT team wanted to shift from black box to cloud-native security operations using Microsoft Security Suite to maintain a strong security posture. The company needed a strategic cybersecurity partner with deep expertise in Microsoft Azure security services to guide the implementation of a hybrid, transparent, flexible, managed services delivery model.
THE TRANSFORMATION
Strengthened security posture with comprehensive, cloud-based security operations
The company selected CyberProof, a UST company, to design and implement a cloud-native security threat monitoring solution with advanced managed detection and response (MDR) services. With a scope of work that included a data ingestion volume of 10 TB per day and more than 60,000 endpoints, UST:
- Established cloud-native security operations—After deploying Microsoft Sentinel Security Information and Event Management (SIEM) and building a cloud data lake, we connected all native and non-native data sources to the SIEM and integrated CyberProof’s use case management (UCM) for security threat detection and response rules and playbooks, ensuring that the company has reliable threat hunting capabilities across all data sources.
- Created a sustainable use case management and governance program—By integrating the Cortex XSOAR platform with CyberProof’s use case factory (UCF), the security operations team can easily manage existing use cases while continuously creating, testing, and deploying new security use cases to keep pace with an ever-evolving threat landscape.
- Provided 24x7 level 1 (L1) and level 2 (L2) security operations center (SOC) services—Our highly skilled, certified Microsoft security professionals now oversee a cloud-native solution, consisting of Splunk, Cortex XSOAR, CrowdStrike Falcon, and Cortex XDR technologies, that extends security monitoring to the company’s footprint of cloud applications.
THE IMPACT
Balancing robust security control with vendor flexibility
The travel and tourism technology company now boasts a cutting-edge cybersecurity framework that safeguards its extensive global operations and comprehensive suite of software solutions. These solutions are used by some of the most prominent names in the industry, ensuring they remain secure and resilient against threats.
Through our hybrid service delivery model, which includes dedicated teams for level 2 security operations center (SOC) support and use case management, the company has access to constant, expert security assistance. This model fosters a transparent, flexible, and collaborative environment, allowing the company to balance robust security controls with the flexibility needed to work effectively with various vendors.