Defending the Enterprise from Cyber Attacks

技术

网络安全和隐私 - 入侵检测
网络安全和隐私 - 网络安全
网络安全和隐私 - 安全合规

适用行业

零售

适用功能

商业运营
质量保证

用例

入侵检测系统

服务

系统集成
培训

挑战

Save Mart Supermarkets faced the growing threat of cyber attacks, recognizing that it was not a matter of 'if' but 'when' they would be breached. The company needed to shift its focus from pure prevention to detection and response planning to become a resilient organization capable of bouncing back quickly from attacks. The challenge was to keep security top of mind within the organization, share threat data, educate employees, and deploy the right tools to match the organization's needs. The goal was to have visibility into the enterprise, monitor traffic through servers before an attack happens, and react promptly when an attack occurs.

关于客户

Save Mart Supermarkets is a California-based corporation that owns and operates 220 stores in Northern California and Northern Nevada. As a significant player in the retail industry, Save Mart faces numerous transactions daily, especially on the point-of-sale (POS) system side. The company employs a substantial workforce across its 213 stores, making it crucial to have robust security measures in place to protect sensitive customer data and maintain operational integrity. The information security administrator at Save Mart is responsible for ensuring the company's defenses against evolving cyber threats are up to date and effective.

解决方案

Save Mart Supermarkets implemented the AlienVault Unified Security Management (USM) platform to defend against today's evolving threat landscape. The USM platform includes an Open Source Host Intrusion Detection System (HIDS) known as OSSEC for file integrity monitoring and log collection. OSSEC is deployed on all POS systems to provide a comprehensive view of system activities, including user access patterns, attempted exploits, and changes to critical files. Additionally, AlienVault USM incorporates Snort/Suricata for network-level intrusion detection and behavioral analysis through Netflow integration. The platform also features a fully functional Security Information and Event Management (SIEM) system for log file aggregation and correlation, as well as a vulnerability management system. Save Mart also utilizes AlienVault’s Open Threat Exchange (OTX) to gain insights into global threat trends and focus on specific threats relevant to their organization. The combination of these tools allows Save Mart to monitor and react to attacks promptly, minimizing potential damage.

运营影响

The implementation of AlienVault USM provided Save Mart with comprehensive visibility into their enterprise, allowing them to monitor traffic through servers and detect potential threats before they could cause significant damage.
The use of OSSEC on all POS systems enabled Save Mart to track user access patterns, detect attempted exploits, and monitor changes to critical files, enhancing their ability to identify and respond to security incidents.
AlienVault’s Open Threat Exchange (OTX) helped Save Mart understand global threat trends and focus on specific threats relevant to their organization, improving their overall threat intelligence and response capabilities.

数量效益

Save Mart operates 220 stores in Northern California and Northern Nevada, requiring robust security measures to protect a large volume of transactions.
The company employs a substantial workforce across its 213 stores, necessitating comprehensive security training and awareness programs.
The implementation of AlienVault USM and its various tools provided Save Mart with a 360-degree view of system activities, significantly enhancing their ability to detect and respond to threats.