Electro Optic Systems (EOS), an Australian technology company operating in the defense, space, and communications markets, was facing a significant challenge as it expanded its international footprint. The primary issue was maintaining their cybersecurity defensive perimeter, a crucial aspect given the sensitive nature of their business, which often intersects with national security interests. As EOS grew from a small organization to a large enterprise, the need to uplift their security posture and maturity became increasingly critical. The company required a solution that would provide continuous protection, monitoring, detection, and incident management tailored to their specific business needs.

Experity, a dynamic Health Information Technology company, was formed from the merger of the two largest urgent care Electronic Medical Records (EMR) companies in the country. This merger led to a rapid expansion of personnel, office locations, software, and services, creating unique challenges for the security team. The team was tasked with a substantial mission to protect the company from loss events of any kind, necessitating business continuity and standardization. The team was small and the expansion meant they would need to triple or quadruple their size to get the coverage they needed. The company had been using a Managed Detection and Response (MDR) platform, but it was not sufficient for the new scale of operations. It only monitored network and server activity and not endpoint activity, which was crucial as most security issues arise from user activities on desktops and laptops. The security team needed a platform to vet alerts from the increased number of employees and contractors.

Exponent, a renowned engineering and scientific consulting firm, faced a significant challenge in securing its data across its diverse and constantly evolving environment. With 1,500 employees spread across more than 30 locations and serving clients in the U.S, European Union, and Asia, the firm needed a robust security solution that could provide visibility across its diverse environment. The responsibility of securing the data fell on Daniel Shuler and his information security team. The team's primary focus was to protect their clients' data using the best technology available and demonstrate that they had the right security tools in place. The challenge was further complicated by the firm's constantly evolving roster of clients and projects, new field offices, and diverse technologies.

Hypertherm, a leading industrial cutting and shaping company, faced a significant challenge in maintaining the security and smooth operation of its diverse range of assets. These included operational technology, IoT devices, and Hypertherm's proprietary software. James Thompson, Information Security Manager at Hypertherm, was seeking a comprehensive solution that would provide visibility into the complex manufacturing sector, often referred to as the 'wild west' due to its lack of regulation. The company's environment was highly mobile, with many employees using laptops and a significant percentage of engineers using high-powered CAD workstations. Additionally, the company had to deal with old legacy machines running on outdated and difficult-to-secure systems. The challenge was further compounded by the constant movement of manufacturing cells around the organization, which often led to printers being moved to new IP ranges without Thompson's knowledge, causing potential disruptions to production.

The case study revolves around the challenges faced by Tony Hamil, a senior cybersecurity engineer for a commercial real estate development company based in Dallas, Texas. The company operates in an industry that is not heavily regulated by the government, but still faces significant cybersecurity challenges. Hamil's role includes a wide range of responsibilities, from application setup to maintenance, integrations, and alert monitoring. The company's IT environment is unique due to the lack of government regulations, but it adheres to the CIS and NIST standards voluntarily. The company has a large number of remote sites and users, making it crucial to maintain security whether the employees are working onsite or remotely. The company's biggest security challenges include patch management and user and asset management. The team often struggles with installing patches properly, leaving the system vulnerable. Additionally, the process of onboarding and offboarding employees from an IT and security perspective was a significant challenge.

Security Finance, a financial services company with over 1,000 locations across the United States and Mexico, was facing a significant challenge in maintaining its cybersecurity. As a financial institution, it was a constant target for cyber attacks, necessitating a proactive rather than reactive approach to security. The company's situation was further complicated by its extensive infrastructure, which included in-house software and various systems across multiple data centers. This vast surface area increased the potential for attacks. Additionally, the company's security program was not very mature, and they lacked a comprehensive understanding of their assets and the associated vulnerabilities. Prior to implementing a solution, the company was primarily focused on patch management, without a full understanding of the remaining vulnerabilities in their systems.

Visier, a SaaS-based workforce intelligence solutions provider, faced a significant challenge in ensuring the protection of sensitive customer data. As a company entrusted with a vast amount of sensitive data, understanding their exposure in terms of vulnerabilities, potential threats, and threat actors was of paramount importance. The company needed a solution that would not only help them understand their exposure but also provide a robust system for event correlation, detection, alerting, and investigation of potential incidents. The challenge was to find a comprehensive solution that could offer deep insights into vulnerabilities, help inform remediation plans, and provide a robust communication strategy for vulnerability management.

Acme Brick, a company with a long history in brickmaking, faced a significant challenge in managing the security of its IT infrastructure. With only two team members responsible for the security of 1200 workstations, servers, and active users, the company was struggling to maintain efficiency and effectiveness in its operations. The lean team was overwhelmed with the volume of work and the need for a tool that could streamline their day-to-day operations was deemed critical. The challenge was to find a solution that could integrate all their security tools into one platform, making it easier to manage and monitor their security posture.

Alpina Group, a Netherlands-based insurance technology firm, was facing a significant challenge in improving the maturity of its in-house security program. The company was on a steep growth curve, expanding its workforce from 350 to 550 employees in just two years. This rapid growth also led to an increase in the number of IT assets to manage and secure. The insurance sector is a popular target for attackers due to the wealth of sensitive personal and financial information they hold. Alpina Group recognized the need to enhance its visibility into the threat landscape and its own IT infrastructure to proactively manage risk. The company's incumbent SIEM platform created a blind spot after a year-long implementation, as it was too complex for the small security team to operate effectively. Security Officer Joost Dubbelman was tasked with finding vulnerability management and incident detection solutions that could be managed by a small team, provide enhanced insight, and help reduce risk.