Expel Case Studies Daylight Transport Enhances Cybersecurity with Expel’s Managed Detection and Response

Edit This Case Study Record

	Daylight Transport Enhances Cybersecurity with Expel’s Managed Detection and Response Expel

Daylight Transport Enhances Cybersecurity with Expel’s Managed Detection and Response

Expel

Technology Category	Cybersecurity & Privacy - Cloud Security Sensors - Temperature Sensors
Applicable Industries	National Security & Defense Transportation
Applicable Functions	Logistics & Transportation Product Research & Development
Use Cases	Autonomous Transport Systems Vehicle-to-Infrastructure
Services	Cloud Planning, Design & Implementation Services System Integration
Challenge	Daylight Transport, a leading transportation and logistics company, experienced rapid growth over the years, leading to an increased transition to cloud infrastructure. The company was already security-conscious, understanding the major risks facing the industry, particularly the devastating potential of a ransomware attack. However, they felt their existing Managed Security Service Provider (MSSP) was too reactive and didn't provide the necessary information and visibility. They received alerts but no answers, leading to hours spent investigating these alerts. At times, a team of three employees had to work through over 1,000 alerts sent back from their MSSP each week. The MSSP also didn't provide monitoring and visibility across Daylight Transport’s environment, particularly in the cloud. To get more coverage, they would have needed to send additional logs from their Security Information and Event Management (SIEM), increasing both their MSSP and data transfer costs. As a result, the company decided it was time for a change to align with its more proactive security goals. Read More
About Customer	Daylight Transport is a privately-held expedited LTL (less-than-truckload) transportation and logistics company. The company offers expedited LTL freight delivery across the U.S., guaranteeing time definite service. Daylight Transport prides itself on its customer service and has been nationally recognized as Inbound Logistics’ Top 100 Motor Carriers, Los Angeles Business Journal’s 100 fastest-growing companies four years in a row, and one of Los Angeles Business Journal’s 100 largest privately held companies. Over the past several years, the company has experienced rapid growth, leading to an increased transition to cloud infrastructure. Read More
Solution	Daylight Transport decided to replace their MSSP with Expel, a 24x7 managed detection and response (MDR) provider. Expel used APIs to easily integrate with and begin monitoring Daylight Transport’s existing tech stack, providing 24x7 monitoring and response of its full environment within days of onboarding. Expel provided answers, remediation actions, and resilience recommendations for alerts, which made a significant difference to the team. One of the most valuable parts of working with Expel was being able to see every step of every alert investigation in real time in the Expel Workbench™ dashboard. Daylight Transport receives over 70,000 alerts from its security tech each month. After Expel’s bots research and triage these alerts, less than 40 require further review by Expel analysts, and less than 10 require action from the Daylight Transport team. Expel also quickly notified Daylight Transport of the details and recommended actions for logins from an overseas service provider situated on the border of two countries, with an IP range spanning both. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Cloud Security

Sensors - Temperature Sensors

Applicable Industries

National Security & Defense

Transportation

Applicable Functions

Logistics & Transportation

Product Research & Development

Use Cases

Autonomous Transport Systems

Vehicle-to-Infrastructure

Services

Cloud Planning, Design & Implementation Services

System Integration

Challenge

Daylight Transport, a leading transportation and logistics company, experienced rapid growth over the years, leading to an increased transition to cloud infrastructure. The company was already security-conscious, understanding the major risks facing the industry, particularly the devastating potential of a ransomware attack. However, they felt their existing Managed Security Service Provider (MSSP) was too reactive and didn't provide the necessary information and visibility. They received alerts but no answers, leading to hours spent investigating these alerts. At times, a team of three employees had to work through over 1,000 alerts sent back from their MSSP each week. The MSSP also didn't provide monitoring and visibility across Daylight Transport’s environment, particularly in the cloud. To get more coverage, they would have needed to send additional logs from their Security Information and Event Management (SIEM), increasing both their MSSP and data transfer costs. As a result, the company decided it was time for a change to align with its more proactive security goals.

About Customer

Daylight Transport is a privately-held expedited LTL (less-than-truckload) transportation and logistics company. The company offers expedited LTL freight delivery across the U.S., guaranteeing time definite service. Daylight Transport prides itself on its customer service and has been nationally recognized as Inbound Logistics’ Top 100 Motor Carriers, Los Angeles Business Journal’s 100 fastest-growing companies four years in a row, and one of Los Angeles Business Journal’s 100 largest privately held companies. Over the past several years, the company has experienced rapid growth, leading to an increased transition to cloud infrastructure.

Solution

Daylight Transport decided to replace their MSSP with Expel, a 24x7 managed detection and response (MDR) provider. Expel used APIs to easily integrate with and begin monitoring Daylight Transport’s existing tech stack, providing 24x7 monitoring and response of its full environment within days of onboarding. Expel provided answers, remediation actions, and resilience recommendations for alerts, which made a significant difference to the team. One of the most valuable parts of working with Expel was being able to see every step of every alert investigation in real time in the Expel Workbench™ dashboard. Daylight Transport receives over 70,000 alerts from its security tech each month. After Expel’s bots research and triage these alerts, less than 40 require further review by Expel analysts, and less than 10 require action from the Daylight Transport team. Expel also quickly notified Daylight Transport of the details and recommended actions for logins from an overseas service provider situated on the border of two countries, with an IP range spanning both.

Impact #1	Working with Expel has led to faster incident response times and the opportunity to focus on security priorities related to Daylight Transport’s continued growth. This includes supporting the company’s continued transition to the cloud. Expel has helped reduce the workload for alerts enough that the next hire can now take over daily responsibilities, allowing the team to do more security engineering work in the cloud. Time back in their day also enabled the Daylight Transport team to deploy new security tech and improve their reporting. Another benefit is the expertise in Expel’s SOC, which gives the team confidence to trust Expel to remediate automatically to prevent threats from spreading. Now, when the team sees something they don’t quite understand or want more context on, they check out Expel Workbench and find that Expel is already addressing it.

Impact #1

Working with Expel has led to faster incident response times and the opportunity to focus on security priorities related to Daylight Transport’s continued growth. This includes supporting the company’s continued transition to the cloud. Expel has helped reduce the workload for alerts enough that the next hire can now take over daily responsibilities, allowing the team to do more security engineering work in the cloud. Time back in their day also enabled the Daylight Transport team to deploy new security tech and improve their reporting. Another benefit is the expertise in Expel’s SOC, which gives the team confidence to trust Expel to remediate automatically to prevent threats from spreading. Now, when the team sees something they don’t quite understand or want more context on, they check out Expel Workbench and find that Expel is already addressing it.

Benefit #1	66% less time spent sifting through alerts
Benefit #2	24×7 monitoring, investigation, and answers from an expert Security Operations Center (SOC)
Benefit #3	Full visibility across on-prem and cloud environments

Benefit #1

66% less time spent sifting through alerts

Benefit #2

24×7 monitoring, investigation, and answers from an expert Security Operations Center (SOC)

Benefit #3

Full visibility across on-prem and cloud environments

Download PDF Version

Overview

Daylight Transport Enhances Cybersecurity with Expel’s Managed Detection and Response

Operational Impact

Quantitative Benefit