This Fortune 100 financial services organization, one of the largest banking institutions in the United States, knows a thing or two about managing risk responsibly
Throughout the years, they have been early adopters of disruptive ideas — from launching online trading when the internet first emerged into the mainstream, to eliminating account fees for clients.
The security team at this multinational institution, responsible for safeguarding the company’s security posture from unwanted intrusions, is always keeping an eye out for transformative technologies and processes to bolster their defenses. And at .conf18, they came across one topic that left a lasting impression: risk-based alerting (RBA).
When the team returned home, they made the implementation of RBA their top priority. RBA augmented the organization’s existing Splunk Enterprise Security solution to illustrate a different story: an attribution-based one. These seemingly subtle changes in mindset and processes empowered the team with a better way to collect pertinent security context and accelerate threat hunting.