global-banking

Problems being faced by the customer/Specific business need/Pain point to address:

A customer is unable to carry out log integration and monitoring through SIEM. Custom contents needs to be built for the business as OOB use cases are not suitable. Performing custom field extractions and DSM development can help settle this complication.

Solutions applied:

  • Log Collection – Custom log source attachment – Multiple Custom Applications/Servers/ Tools with no OOB support . OOB support is not available for these log sources. Solution involved :
    • Integration
    • Log Analysis
    • Custom DSM Development
    • Custom fields extractions
  • Use case creation
    • Carried out the threat modelling exercise to understand the possible threat scenarios.
    • Developed the custom Use cases and dashboards based on privileged monitoring scenarios and available data sources.
  • Tuning the QRadar environment
    • Creating rules, saving searches, and fine tuning
    • Scheduling and modifying reports

Benefits delivered

Single point of monitoring all audit logs and alerts on violations, possible security threats for custom application/tools which have no OOB support in QRadar

# IBM Security

Recent Use Cases

ATM Analytics: Boosting Availability & Customer Satisfaction
Splunk use case to track and spot suspicious user entries
Intelligent Compliance dashboard and reporting for financial major

Get in touch

Send us a Message

Looking for general information or have a specific question. Fill the form below or drop
us a line at susan@positka.com.

logo-img

Positka specializes in high-end technology solutions to help businesses improve their IT infrastructure with advanced Security Protocols, excellence in Analytics, Streamlined IT Operations, & around-the-clock Managed services.

Quick Links

Services

Copyright Positka © . All Rights Reserved.