Customer and Background
The client is a leading SIEM solution provider.
The client provided MSSP services to customers using its SIEM product. The client wanted to develop a centralized platform for its security analysts to better respond to security threats for its customers. This centralized platform was intended to provide a single-pane view with details such as a Risk and Compliance dashboard, creation of orchestration flows, more contextual information from 3rd party platforms, and operations and team efficiency monitoring.
Challenges
The client was providing MSSP services to customers spread across multiple locations. The challenges were access to the SIEM instances, retrieval of event data in varied formats from customer instances, analysis and solution design for various 3rd party integrations, and Identity and Access Management for the MSSP team.
Technology Stack
Python, Flask, Regular expressions
Our Solution
We developed a centralized platform using Python and the Flask framework. The solution was integrated with the client’s AD for authentication. Granular access management was built. Python scripts were developed for data processing and automation.
Key Highlights of the Engagement were:
- Centralized, scalable platform built with support for multi-tenancy
- Granular access management for security analysts was developed
- Standardized interface to integrate with 3rd party products
- End-to-end setup of test management processes
- Automated test cases using Selenium to reduce regression time
- Configuration driven scripts
Business Benefits
- Single platform for security analysts to monitor multiple SIEM instances
- Summary reports and dashboards for top management enable a non-jargon based view
- Near real-time view of Risk and Compliance through dashboards and reports
- More contextual data enables better and faster response by SOC team
- Solve targeted requirements by building orchestration flows
- A single view of the team efficiency for Management
- Creation of tickets in Ticketing Systems for better follow-ups and closure