Introduction
Our esteemed client stands as one of the largest and most influential enterprises in the petroleum and chemicals sector. With a global footprint, the company operates across continents, engaging in a comprehensive spectrum of activities that encompass exploration, production, refining, distribution, shipping, and marketing. Renowned for its scale, expertise, and multifaceted operations, this industry leader plays a pivotal role in shaping the dynamics of the global petroleum and chemicals landscape.
As a powerhouse in the petroleum and chemicals domain, our client's influence extends across the entire value chain of the industry. Boasting a significant presence on a global scale, the company is not merely a participant but a key driver in the realms of exploration, production, refining, distribution, shipping, and marketing.
Challenge
A detrimental incident where a malevolent virus infiltrated the Company's network from external sources, causing widespread infection across numerous workstations, the Customer recognized the urgent need to assess the root causes and implement robust changes to mitigate the risk of future attacks. In response to the severity of potential threats, the Customer opted to employ Juniper STRM as a Security Information and Event Management (SIEM) solution. This strategic choice aimed to facilitate the comprehensive collection, logging, correlation, and analysis of security events within the expansive enterprise networks.
To fortify their cybersecurity posture, the Customer engaged the expertise of ACI Infotech, a renowned SIEM consulting firm with a proven track record in the QRadar SIEM/Juniper STRM domain. Recognized for their proficiency in developing custom security solutions to enhance SIEM architecture, ACI Infotech information security experts collaborated with the Customer to delve into the specifics of the incident. Their objective was to discern the vulnerabilities that had been exploited and formulate tailored strategies to bolster the organization's defenses against potential large-scale damage from future cyber threats.
