Organization:

Gas and Energy Pioneering Company

Location:

Mumbai, Maharashtra

Domain:

Energy

Solutions Offered:

Managed SOC Services

Overview

The company is a gas and energy pioneer that works to ensure a regular and sustainable supply of clean, environment-friendly natural gas fuel at strategic locations on the East and West coasts of India. Its operations cover varied requirements such as the supply of gas and the reloading of LNG tankers. The company also has sustainable energy infrastructure at Dabhol and Jaigarh and is planning to expand the project to another location.

Along with sustainable energy, sustainable IT infrastructure and cyber security are the need of the hour. Hence the company was evaluating log aggregation and security operations center tools to get complete visibility across its infrastructure, AD and cloud.

The Challenge:

The growing value of business data, the vulnerability of network systems, and the importance of fuel infrastructure have made oil and gas companies major targets of sophisticated cyber-attacks. Ongoing digitization in the industry and a transition away from centralized systems to distributed management strategies have further contributed to the risk. Legacy systems that were never intended to be easily accessible are now connected to the internet for visibility and maintenance purposes, closing the IT-OT gap for the industry. These systems store an immense amount of critical information, which makes them prime targets for malicious attackers.

Furthermore, connected devices across the network and guest users have opened new gates for constant threats from criminal enterprises, state actors, and so-called hacktivists with political agendas. As a result, effective cybersecurity for oil and gas is becoming increasingly necessary. The customer also required a robust endpoint protection solution that could detect and remediate threats on end-user devices automatically.

AtmosSecure Solution:

The AtmosSecure Managed SOC Service provided by Network Techlab is powered by advanced SIEM solutions based on Artificial Intelligence and Machine Learning. This gives real-time processing speed with Big/Fast Data technology to detect vulnerabilities and suspicious activities in the company's environment. Our Endpoint Detection and Response (EDR) agent was deployed on 150+ endpoints to monitor activities such as process executions, connections, data transferred, etc. Our key contributions in delivering the solution included:

  • 24/7 threat monitoring, precise analysis and rapid response.
  • Real-time alerts with classification based on the severity of intrusion and exfiltration attempts, malware infection, web application exploits and other security incidents.
  • File and process analysis on endpoints to detect threats and mitigate them at the source itself.
  • Threat containment via isolation of potentially compromised hosts from all network activity.
  • Centralized management of endpoint security.
  • SOAR policies for auto-remediation of alerts.
  • Privilege monitoring and alerting for every account, system and group.

Benefits:

The AtmosSecure Managed SOC solution has enabled the customer to greatly improve its cyber security posture. Our lightweight EDR agent does not overload the endpoint or consume excessive amounts of processing power. Furthermore, auto-remediation and containment of threats help reduce the burden on the customer's IT team. Also, notifications and recommendations from the SOC team are raising cyber security awareness at the company's operational as well as top management level.

  • Improve threat detection and response through 24×7 monitoring.
  • Receive alerts for any anomalous or suspicious activity along with recommendations.
  • Provide real-time visibility via continuous monitoring of endpoints.
  • Deploy EDR agent across hundreds of endpoints rapidly.
  • Perform manual and automatic remediation of threats on endpoints.
  • Provide up-to-date threat research databases and security technologies.