A leading co-operative bank sets up its SOC with Machine Learning and AI-based security technology
AI and Machine Learning based security solutions from Network Techlab help one of the leading co-operative banks automate its security operations center.
One of the Leading Co-operative Banks
Seceon AI-based Security Solution
The client is a leading co-operative bank with over 103 years of banking excellence, operating across 109 locations. The bank has a professional Board Committee and management. It has 9-10 years of customer loyalty as its goodwill, and no adverse audit report has been submitted since its inception. With a consistent profit record, the bank follows a high degree of corporate governance, and security is the most integral part of its focus.
Need for the Solution:
Security Information and Event Management (SIEM) has been the go-to security model for the early detection of targeted attacks and data breaches, yet many organizations that use it still struggle to fend off modern threats. Rule-based and signature-based security systems have failed to prevent the most serious data breaches of the last several years. In this case, the client was using a traditional SIEM solution for protection against vulnerabilities. Their Security Operations Center ran on this traditional SIEM, with all rules and policies created manually.
This solution was behind the times: the bank was getting only very basic alerts, which help with known attacks only. They were not getting operational reports such as top users, top IPs, top destinations, and top blacklisted websites visited. There was no log correlation and no Artificial Intelligence and Machine Learning-based model for sophisticated attacks.
Determining the SIEM priorities, scoping the data collection sources, defining operational processes, and establishing benchmark criteria were some of the important and crucial steps in migrating from the old SIEM to the advanced SIEM solution.
To migrate from the traditional SIEM to the advanced SIEM, we needed to make sure that all system logs and NetFlow or sFlow data were forwarded, so that we would get all the traffic details from both internal and external sources.
We verified that all the logs were ingested properly. We were able to get the NetFlow data from the HP switch, and we also got the logs from the email server, which was the turning point of this case.
Solution and Benefits:
First, we gathered the email server and HP switch details; we also checked the sFlow configuration on the switch and modified it based on our plan and discussion with the customer. For the emails, we built a new parser with an Artificial Intelligence and Machine Learning model.
Human analysts were struggling because older SIEMs force them to keep up with this deluge of data manually; this dangerous scenario is why many organizations are looking to refresh their SIEM.
Automation at Its Best
No rules or human intervention needed.
Out-of-box solution starts working within seconds of installation.
Adaptive Visualization - Unparalleled Visibility
Advanced behavioral and machine learning technologies.
Delivers customers full visibility of both internal and external threats.
Both bird's-eye and worm's-eye views.
Multi-Layer Effective Detection
Detection of known as well as never-before-seen threats at the earliest phase of the chain.
Shows the threats that matter, which need immediate action.
Indicates all compromised sources and threat targets.
Threat Impact Analysis
Comprehensive interactive visual interface to drill down into threats and affected sources and targets.
Provides clear actionable steps to stop the threat.
Indicates the service impact of the recommended remediation.
De-risks remediation: tracks and reports all actions for later audit.
Reduces Mean-Time-to-Identify (MTTI) and Mean-Time-To-Response (MTTR) with automated real-time detection and remediation with the past context, focusing on known and unknown "threats-that-matter".
Uses behavioral analytics generated by an extensive set of dynamic threat models, aided by Machine Learning and Artificial Intelligence, to detect both known and unknown attacks.
Network Techlab (I) Pvt. Ltd.
41, Sarvodaya Industrial Estate, Opp. Paper Box, Off. Mahakali Caves Road, Andheri East, Mumbai – 400093. India
P: 022-6681 4141 | firstname.lastname@example.org | www.netlabindia.com
Mumbai | Navi Mumbai | Ahmedabad | Vadodara | Vapi | Pune | Bangalore | Chennai | Goa | Delhi | Kolkata