下载PDF
Redscan > 实例探究 > 利用 EDR 消除私人医疗保健中的高级威胁
Redscan Logo

Leveraging EDR to Combat Advanced Malware Threats in Healthcare

技术
  • 网络安全和隐私 - 入侵检测
  • 网络安全和隐私 - 恶意软件保护
适用行业
  • 医疗保健和医院
  • 国家安全与国防
用例
  • 入侵检测系统
  • 篡改检测
服务
  • 网络安全服务
  • 培训
挑战
作为一家私营医疗机构,客户处理大量敏感患者数据,需要在传统周边解决方案之外改进对这些信息的保护。他们成为一种复杂类型的恶意软件的目标,这些恶意软件试图获取员工凭证并窃取数据。
关于客户
该客户是一家位于英国的私人医疗机构。他们处理大量患者数据,包括高度敏感的医疗记录。
解决方案
客户利用 Redscan 的托管端点检测和响应 (EDR) 服务快速有效地消除恶意软件。 Redscan 的 EDR 服务包括主动入侵检测系统 (IDS) 和安全信息与事件管理 (SIEM) 监控,以及 Carbon Black 的响应解决方案,用于增强事件可见性、威胁搜寻和事件响应。
运营影响
  • The incident response capabilities of Redscan’s Managed Endpoint Detection and Response service proved crucial in quickly identifying and responding to the malware attack. The service's Proactive Intrusion Detection System (IDS) and Security Information and Event Management (SIEM) monitoring helped identify the attack, while Carbon Black’s Response solution enhanced event visibility, threat hunting, and incident response. The Redscan team was able to quickly isolate all infected hosts from the network, preventing additional infections. The team also conducted a detailed digital forensics investigation to understand the kill chain of the attack. Following the incident, the Redscan team prepared a detailed report for the client, including a full event timeline and a list of recommendations to help mitigate the risk of future attacks.

数量效益
  • Quick identification and response to the malware attack, minimizing operational disruption

  • Successful isolation and cleaning of all infected machines

  • No evidence of data loss despite the malware's attempt to conduct an internal network IP scan

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.