
Expel's Automated Solution Enhances BeyondTrust's Security Operations

Expel
BeyondTrust, a global leader in intelligent identity and access security, faced a significant challenge as it expanded. The company needed to evaluate its security posture both internally and externally to understand the risks it faced. Given the high-stakes nature of BeyondTrust’s offering, the company couldn’t afford a security breach that could damage the brand’s reputation and its bottom line. The company recognized the need for additional threat detection and automated remediation for assets across the world. This approach was needed to complement BeyondTrust’s own identity and access security solutions for complete coverage of on-premises and cloud assets. BeyondTrust wanted an adaptable and automated solution for faster detection and remediation to protect the company while keeping up with its rapid growth. The company initially selected and onboarded a managed detection and response (MDR) provider, but soon realized that the provider’s slow response times and inadequate communication approach jeopardized its ability to quickly neutralize threats.
BeyondTrust is a global leader in intelligent identity and access security, empowering organizations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. BeyondTrust offers the industry’s most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud, and hybrid environments. The company is trusted by 20,000 customers, including 75 of the Fortune 100. Over the last five years, BeyondTrust has experienced exponential growth in its employee base and has also gained a more expansive network of third-party and internal solutions that calls for increasingly complex integrations.
BeyondTrust decided to partner with Expel, a provider of managed detection and response (MDR) services. Expel’s plug-and-play capabilities meant that it easily and directly integrated with BeyondTrust’s existing technology stack via APIs. If Expel doesn’t provide an out-of-the-box integration, the Expel team still finds a way to connect, as it does with BeyondTrust’s SIEM. Expel accesses security-related logs, providing the security team with the visibility needed to improve detections and contextual data relevant to specific alerts. BeyondTrust was also thrilled with Expel’s rapid response to potential threats, partially enabled by Expel’s bot Ruxie™, which adds enrichment to interesting cases and auto-remediates events that don’t require an analyst investigation. Expel’s real-time, comprehensive communication in jargon-free language keeps BeyondTrust's team in the loop without delays caused by incomplete or indecipherable data.
The partnership with Expel has brought significant operational benefits to BeyondTrust. The time freed up from reviewing SIEM logs and writing rules has allowed BeyondTrust's team to focus on improving processes, migrating new technology, and advancing the company’s overall security posture. Expel’s real-time, comprehensive communication in jargon-free language keeps BeyondTrust's team in the loop without delays caused by incomplete or indecipherable data. The inconsistent communications of previous providers forced the team to waste valuable time asking follow-up questions, sometimes putting them days behind the curve. With Expel, BeyondTrust can now concentrate on improving its responses and on high-fidelity alerts. Looking ahead, BeyondTrust is planning to expand Expel into other portions of its cloud infrastructure for continued coverage and automation.
Response time reduced from multiple hours to immediate action in minutes
Efficient alert triage promoting only necessary alerts
Integrations with third-party technology, such as EDR and SIEM, allowing for more flexibility