Skip to Navigation Skip to Content

Connect with Customers. Disconnect from Risks.

Enterprise

Before becoming a ThreatSTOP customer, the global equipment manufacturer had every flashy security product implemented in their network - yet they were still constantly being attacked. With all systems showing zero gaps, and no unpatched areas, the manufacturer needed a solution that would prove effective in reality.

background

The problem

The security team had deployed and was managing a mature, layered security program including a stateof-the-art system with next-generation firewalls, IDS/IPS, web filtering, anti-spam, anti-malware, endpoint protection, and SIEM with threat intelligence. Yet with all those big buzz words and security concepts - they still had evidence of ongoing successful cyberattacks, resulting in malware infections and high volumes of malicious traffic. The team felt they had a false sense of security, with their tools reporting no current risks. For example, endpoint protection indicated 100% coverage and patch management reported all systems updated and no patches required - but they were still being successfully attacked. The security team understood that they need a solution that would prove actually effective when tested, and began searching for one.

The solution

After considering both FireEye and ThreatSTOP for advanced threat protection, the manufacturing company chose ThreatSTOP because of its superior performance - it effectively blocked advanced attacks. and was an ease to deploy and use. In addition, no training was needed, nor new hardware required. All this, at a fraction of the cost of competing solutions such as FireEye. After just one day of deploying proactive ThreatSTOP security, many malicious IPs trying to communicate with the customer's network were identified and blocked by ThreatSTOP.

ThreatSTOP blocked malicious traffic that was previously allowed to pass through the network's firewalls, web filter, anti-spam gateway, and DNS firewalls. In addition, ThreatSTOP blocked use of an unapproved videoconferencing application which could be used to exfiltrate sensitive information. The application user was easily identified via ThreatSTOP reporting, enabling corrective personnel to take action and provide the necessary cyber security training.