A top global physical security firm wanted to regain confidence about preventing ransomware and identifying credential forgeries, especially as both types of attacks grew in popularity and lethality.
QOMPLX filled the gaps of the client's existing cybersecurity infrastructure to improve security health and resistance to attackers.
A top global physical security firm grew worried about ransomware and credential forgeries, especially as both types of attacks grew in popularity and lethality.
Despite employing a Gartner Magic Quadrant-leading endpoint detection response (EDR) solution, the firm had additional concerns about validation and visibility into its critical controls infrastructure.
After penetration tests and security assessments, the firm discovered a significant security gap around detecting attacks that bypass standard authentication controls such as EDR, security information, and event management solutions.
The firm needed to regain control confidence - quickly.
The QOMPLX:CYBER platform was deployed with considerations to ensure compliance with the regulations that come with the client’s global presence and sensitive clients.
First, QOMPLX used its Privilege Assurance software to assess the state of the firm’s AD security, map trusts, identify configuration weaknesses, identify stale accounts and identify permission concentration and accounts that were vulnerable to attack.
QOMPLX experts identified critical issues and provided long-term recommendations to support their hyper-growth strategy. Then, QOMPLX installed its Identity Assurance software to immediately identify attacks, including those already evading the client’s EDR software.
With QOMPLX, the client gained complete visibility into their critical control infrastructure for identity and all identity authentication-related activity.
The superior accuracy and time to validate all authentication transactions against forgery attempts delivers the tactical position required to protect against ransomware and credential forgery attacks.
With QOMPLX Identity Assurance enabled, the client’s previous security lapses were removed, and their security is now fortified. Also, identity and authentication attacks are now detected and managed confidently.