Page 10 - Discover intelligent security for your organization
CASE STUDY
Global software company
Situation
The client wanted to implement threat intelligence in their existing
security processes that would resolve workflow inefficiencies due to
manual investigations and lack of context around threats.
Challenge
The client was investigating alerts from Microsoft Sentinel manually,
which was taking anywhere from 5 to 15 minutes per alert through
a variety of tools. False positives were resulting in analysts spending
valuable time researching these alerts. Additionally, the client was
concerned about mentions of their brand and employee information
being leaked on the dark web.
Result
By integrating Recorded Future with Microsoft Sentinel, the client was
able to:
• Reduce investigation time on alerts, resulting in savings of more than
6 days of research per month, freeing staff to focus on different
areas of security.
• Channel the many different intelligence sources they were using directly
into Microsoft Sentinel, to reduce the need for external research.
• Reduce the number of false positives the team sees by enriching
alerts within Microsoft Sentinel with Recorded Future external
intelligence so the client can better understand alert severity and better
prioritize alert triage.
• Proactively prevent threats and maximize their investment in
Microsoft Azure.