Company Size
Large Corporate
Product
- DTEX Workforce Cyber Intelligence Platform
Tech Stack
- Cybersecurity
- Phishing Detection
- User Behavior Analysis
Implementation Scale
- Enterprise-wide Deployment
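Technology
- Cybersecurity & Privacy - Network Security
Applicable Functions
- Business Operation
Use Cases
- Cybersecurity
Services
- Cybersecurity Services
About the Customer
The customer is a large energy organization with 3,000 employees. The company suffered a phishing attack after its perimeter security measures failed. The phishing emails got past the company's network defenses and landed directly in employee inboxes. A proxy service eventually detected and flagged users visiting malicious URLs, but there was limited visibility into where and how the attackers entered the network, how many users were affected, and the extent of the potential damage.
Challenge
The enterprise security threat landscape is more complex than ever, with new risks and attack methods emerging faster than we can keep up with. One established attack vector that shows no sign of slowing down is phishing. As phishing attacks become more sophisticated, they increasingly focus on exploiting a critical but often overlooked vulnerability: the users inside the network. User behavior (opening, clicking, downloading) is the enabling factor that lets malicious actors into your network to find the valuable personal or corporate information they are looking for. Recently, a large number of malicious invoice-themed phishing emails were found to have infiltrated the customer's network, bypassing tried-and-tested network defenses and landing directly in employee inboxes. A proxy service eventually detected and flagged users visiting malicious URLs, but there was limited visibility into where and how the attackers entered the network, how many users were affected, and the extent of the potential damage.
Solution
DTEX's Workforce Cyber Intelligence Platform was used to provide critical insights and answer important questions, giving the security team a full understanding of the origin and trajectory of the attack and identifying the affected users and endpoints. The platform was able to uncover evidence of advanced techniques commonly used to avoid detection and successfully reach employee inboxes. One such technique was the use of polymorphism, including dynamic email subject lines, URLs, document names, and executed payloads. In addition, the links contained in the phishing emails were found to be addresses of real company websites that had been compromised and were being used as temporary locations for hosting malicious documents. DTEX's platform was able to answer key questions such as which users opened the malicious email, which users clicked the malicious link or downloaded the attachment, when the malicious email entered the organization, and which endpoints may have been compromised.
Operational Impact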
Related Case Studies

Case Study
Enel Secures Italian Power Generation Network
Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:
- Serves 31 million customers
- Has a net installed energy capacity exceeding 31 gigawatts
- Includes more than 500 power generation plants, including hydroelectric, thermoelectric, and wind
- Is managed and monitored by Enel 24/7/365
- Is operated by Terna, the Italian Transmission System Operator (TSO)

Enel is responsible for the availability of the grid's underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.

Case Study
Securing the Connected Car Ecosystem
In-vehicle communications and entertainment system hosts high-value or sensitive applications. API libraries facilitate communication and sharing of vehicle data. These API libraries are vulnerable to reverse engineering and tampering attacks and may even result in loss of passenger safety. Attackers can inject malware that may be able to migrate to other in-car networks such as the controller-area-network (CAN) bus which links to the vehicle’s critical systems. Software provided for dealers to interface with cars through the OBD2 port is vulnerable to reverse engineering and tampering attacks. Hackers may be able to abuse these tools to inject malicious code into the ECUs and CAN bus. Attackers can lift the cryptographic keys used, and use that to build their own rogue apps/software. Their cloned version of the original app/software may have altered functionality, and may intend to gain access to other in-car networks.

Case Study
Secure and Cloud-based Data Marketplace
The great promise of new connected concepts of industry like 'Industry 4.0' is their ability to deliver a historically unparalleled level of responsiveness and flexibility. While modern supply chains are already heavily integrated and designed to be fluid and fast moving, a large swathe of manufacturing still remains beholden to economies of scale, large production runs, and careful preplanning. The Industrial Internet of Things (IIoT) is set to change this by allowing small-batch or even custom manufacturing on a truly industrial scale. With machines whose functions are not set in stone, but flexible and determined by their operating software and with a new form of connectivity bringing industrial engineers, product manufacturers, and end users closer together than ever before. Ad-hoc adjustments to automotive parts, for example, during active product runs or the bespoke manufacturing of custom sneakers become very viable options indeed. Much of this remains a theoretical vision, but IUNO, the German national reference project for IT security in Industry 4.0 demonstrates the new capabilities in action with a secure technology data marketplace running a smart drinks mixer.

Case Study
Expedia Hosted by 2lemetry Through AWS
Expedia is committed to continuous innovation, technology, and platform improvements to create a great experience for its customers. The Expedia Worldwide Engineering (EWE) organization supports all websites under the Expedia brand. Expedia began using Amazon Web Services (AWS) in 2010 to launch Expedia Suggest Service (ESS), a typeahead suggestion service that helps customers enter travel, search, and location information correctly. According to the company’s metrics, an error page is the main reason for site abandonment. Expedia wanted global users to find what they were looking for quickly and without errors. At the time, Expedia operated all its services from data centers in Chandler, AZ. The engineering team realized that they had to run ESS in locations physically close to customers to enable a quick and responsive service with minimal network latency.
Case Study
OTA Software Updates for Smart Energy (gridX)
gridX has a requirement for over-the-air software updates for their gridBox devices and used the Yocto Project for their builds. The driver for the requirement was having the ability to quickly support new features, as well as deploying bug fixes and patching known security vulnerabilities. Applying new software updates manually with a USB stick to all gridBox devices in the field would be prohibitively expensive and labor-intensive.

Case Study
Transformed IT Infrastructure Improves Business Agility
A global security, storage, and systems management software provider planned to demerge into two separate companies. To prepare, it undertook a major overhaul of its IT infrastructure and operations strategy. A key requirement: streamlining the Hosting Group, which handled compute, storage, and middleware operations. These functions had grown complex and had a wide geographic distribution. The company planned to bring them under closer in-house management. The company looked to increase its business agility so it could quickly and creatively respond to customer demands with improved internal collaboration and optimized go-to-market and IT service delivery capabilities. Modernizing IT functions, and making them more responsive, was critical to achieving these goals.