When I’m thinking about Switzerland, I often think of the Swiss Alps, great chocolate and the famous Swiss army knife. The flexibility of the Swiss army knife reminds me how Swiss bank PostFinance is using the Splunk platform in multiple ways.
We say that Splunk is a SIEM and can fulfill all SIEM use cases but also Splunk is so much more – and PostFinance has proved it once again.
Splunk as a Fraud Platform
PostFinance is using Splunk for compliance and regulation, but beyond those traditional SIEM use cases they also use Splunk as fraud platform, using the insights to protect their customers’ bank accounts and digital payments. In their online banking portal alone they have over 1.6 million customers they have to protect. They are not just detecting and identifying new fraud patterns with Splunk, they are also operationalizing their fraud workflow which enables them to escalate issues to law enforcement and easily make all required details available.
For example, if they find out that their customers are being phished and sent to a fake online banking web portal, the online security team can mimic the actions of a customer to get more information. Each attack stage is monitored through Splunk Enterprise, providing details around the pattern of fraudulent activity. This allows them to identify attacked accounts and monitor activity in real time to determine whether further action is needed.
“Our use of the Splunk platform has grown dramatically and it is now an integral part of our IT operations, providing insights in areas from e-commerce to security and fraud. Ultimately, with Splunk Enterprise, we have improved the protection we offer our customers.”
Patrick Hoffman, Head of IT Infrastructure
Splunk as a Business Analytics Solution
In addition to the security use cases, the bank is also providing insights for its product management teams, so they can create customized offers to merchants or develop new products that better meet market requirements.
Learn more about Splunk @PostFinance
Want to learn more about the use of Splunk, which data sources they are feeding into the platform and the challenges they overcame?
- Read the case study
- Review the .conf2015 presentation from Patrick Hoffman, Head of IT Infrastructure.