Case Study

Level 3 expertise and support in CSIRT

Cybersecurity expert implementing an incident management procedure

Industry
  • Banking & Finance

 

Challenge
  • We were integrated into the Computer Security Incident Response Team (CSIRT) of a major player in the banking sector

Solution

The service involved:

  • Managing level 3 incidents (vulnerabilities, APTs, viruses, etc.).
  • Creating, testing, implementing and maintaining security incident detection rules.
  • Creating and implementing incident management procedures.
  • Coordinating level 2 SOC operations.
  • Carrying out digital investigations / forensics.
  • Hunting threats, analyzing weak signals and developing SIEM use cases.
  • Taking part in the implementation and maintenance of the SIEM, and other security platforms managed by the team.
  • Contributing to log collection and onboarding architecture projects.

Keys to success

  1. Our expertise in security and an in-depth understanding of security production issues in a bank.
  2. Our ability as a service provider to advance subjects in a matrix organization by relying on other production teams.
  3. Our resistance to stress, which allows us to apply our analytical skills and remain calm during security incidents.
  4. Our good communication skills to manage resistance to change within projects.