Alleviated data pipeline and reduced costs by only indexing actionable insights
Improved speed and accuracy of alerts on suspicious events
Faster investigations from threat alert to packet data in three clicks
Today, banking customers expect to access their accounts and manage their finances from any device, in any location, with the same level of consistent service and security. For IT and security operations teams, providing both of these things is no simple task.
For one global financial institution, finding the right balance between security and user experience came to a head when the security team wanted to incorporate real-time user behavior analytics into their authentication process. In order to do this, the security team needed to capture thousands of customer logins each minute, across dozens of banking applications, and stream this information into their Security Information and Event Management (SIEM) solution. While this measure would improve security and compliance, it also would have significantly impacted end-user experience over time. In order to align security priorities with IT operations requirements around system performance and user experience, the financial institution needed to find a better way to get the user behavior data into their SIEM.
In the past we have paid tens of thousands of dollars to outside contract vendors to do less than a 10th of what you have shown us in the amount of time the appliance has been onsite.
Sr. Mgr. of Operations Major Financial Corporation
For the security team, it turned out that the solution was right under their noses. The network team at the financial institution had long been using ExtraHop for performance management, giving them visibility from the infrastructure to the application and correlating it with end-user experience. ExtraHop's passive, out-of-band analytics not only provided the information the security team needed about user behavior, it did so without any performance impact on the banking applications.