
Wall Street Firm Discovers Zero-day Threat

Forcepoint
Cybersecurity & Privacy - Network Security
Finance & Insurance
Business Operation
Cybersecurity
Cybersecurity Services
A mid-sized technology company that provides services to high-value targets on Wall Street was facing a significant cybersecurity threat. Despite having a high-end 'Next-Gen-Firewall' installed, the firm discovered that ten internal IPs were contacting malware command-and-control destinations outside the firewall. Some of the internal IPs had multiple malware infections. The firm was an ideal back door for hackers, who could inject malware into the service provider, gain access credentials to its customers, and exfiltrate high-value data without being detected. The average breach lasts almost eight months, posing a significant risk to the firm and its clients.
The customer is a mid-sized technology company that provides services to high-value targets on Wall Street. As a service provider to these high-profile clients, the company is a prime target for hackers looking to gain access to sensitive financial data. The company has invested in high-end cybersecurity measures, including a 'Next-Gen-Firewall', to protect its network and the data of its clients. However, despite these measures, the company discovered that it was still vulnerable to malware attacks, with several internal IPs contacting Malware Command and Control destinations outside the firewall.
The company turned to Bitglass and its Breach Discovery Service to address this cybersecurity threat. The CTO of the firm uploaded one week of firewall logs to the Bitglass service, which included 'application logs,' 'unclassified URLs,' and 'layer 4 logs.' The Bitglass Breach Discovery Engine analyzed these logs and identified several high-risk cloud apps on the network, posing a compliance risk. More importantly, the engine discovered the malware infections on the internal IPs. Bitglass' Breach Discovery Engine tracks the latest risks to uncover breaches early, enabling the company to limit the damage caused by these breaches.
The company was able to identify several high-risk cloud apps on its network, posing a compliance risk.
The company discovered malware infections on several internal IPs, highlighting a significant cybersecurity threat.
The company was able to uncover these breaches early, limiting the potential damage they could cause.
10 internal IPs were found to be contacting Malware Command and Control destinations outside the firewall.
Some of the internal IPs had multiple malware infections.