- Providing instant access to the extensive library of detection algorithms convertible into any end-customer’s unique SIEM, EDR, or XDR environment, including QRadar, Splunk, and CrowdStrike
- Simplifying administration and accelerating the process of delivering end-customers’ cybersecurity maturity
- Enhancing proactive cyber defense by expediting the detection of zero-days and other critical threats
- Increasing threat detection and hunting velocity with intelligence-driven cybersecurity solutions
Need for Improved SOC Resource Utilization with Outsourced Threat Research and Content Development
The increasing escalation of attack volumes requires ultra-fast responsiveness from cyber defense teams. Striving to enhance cyber defense capabilities for Deloitte Brazil’s customers, the company sought a scalable solution, adaptable across multiple industries, capable of increasing their end-customers’ managed services security posture and responsiveness to detecting and resolving critical and emerging threats. The company considered two options to achieve this goal:
- Significantly increase in-house engineering resources to keep pace with accelerating attack volumes. This option required substantial investments in threat hunting resources.
- Leverage detection algorithms from a specialized threat detection content marketplace allowing the existing SOC team resources to focus on detection and mitigation rather than on content research and development.
Need for Increased Maturity and Velocity of Cybersecurity Operations
Deloitte Brazil had access to insights gleaned from a global base of client profiles across multiple industries, utilizing a myriad of SIEM, EDR, and XDR environments. This enabled the company’s engineering team to seek innovative ways to dramatically improve threat detection and hunting capabilities and keep pace with evolving market demands for responsiveness and effectiveness. A primary goal was to elevate the utilization of global threat intelligence in its service delivery model. Deloitte Brazil has already started implementing the progressive cybersecurity strategy addressing these priorities, but the company’s ambition was to accelerate the speed of this process.
Customers’ Reliance on Disparate Security Solutions & Related Skills Shortage
As part of the global organization providing professional services, Deloitte Brazil faced the daunting challenge of matching diverse customers’ demands for expert threat detection operations tailored to unique environment needs. The company realized that covering threat detection content development for all customer profiles with a diverse set of deployed technologies would require significant expansion of Deloitte Brazil’s engineering team.
Deloitte Brazil pioneered SOC Prime’s Detection-as-Code solution in their cybersecurity market, highlighting the company’s progressive mindset and willingness to explore industry innovation to improve and accelerate the services they deliver. With SOC Prime’s platform, Deloitte Brazil found both an efficient and effective solution that allowed them to amplify their professional services by outsourcing the development of context-enriched threat detection content across all stages of the attack lifecycle and translating these detections into all customers’ unique security environments. This allowed Deloitte Brazil to achieve the company’s core objective of increasing their customers’ cybersecurity maturity. SOC Prime has enabled Deloitte Brazil to implement the proactive cybersecurity approach providing the customers with the most relevant and up-to-date detection content for critical threats.
With SOC Prime’s Detection as Code platform, Deloitte Brazil instantly addressed the challenge of keeping pace with the ever-evolving threat landscape without expanding their in-house security team. For instance, in the case of Log4j zero-day vulnerabilities massively exploited in the wild, the company’s team was flooded with the customers’ requests for related detections. These detections were already available in SOC Prime’s platform the day the proof of concept (POC) was released. This proactive approach enabled Deloitte Brazil to deliver to their customers a solution that instantly addressed emerging threats while allowing the core team of Threat Hunting resources to focus on detection and remediation rather than content development.
Before leveraging SOC Prime’s solution, Deloitte Brazil considered the need to triple the size of their engineering team to cover diverse customer demands with unique threat profiles and security environments. SOC Prime’s platform has provided the company with instant access to a broad collection of the most widely requested use cases related to brute force attacks matching the organization-specific log sources with translations available for any unique security environment. Outsourcing threat detection eliminates the skills shortage challenge that requires Detection Engineers specializing in particular SIEM or EDR since SOC Prime’s platform delivers Sigma rules convertible to 25+ SIEM, EDR, and XDR solutions.
Deloitte Brazil’s customers displayed multiple levels of cybersecurity maturity with their requests varying from the basic needs to more advanced services accompanied by relevant CTI. Leveraging SOC Prime’s MITRE ATT&CK Coverage dashboard has enabled the company to cover multiple threat vectors relevant to particular environments, identify critical gaps, and set strategic detection objectives aligned with any organization’s unique security profile and needs to reduce available attack surfaces.
Deloitte is a leading global provider of audit and assurance, consulting, financial advisory, risk advisory, tax, and related services to nearly 90% of the Fortune Global 500® and thousands of private companies. Deloitte has been recognized as the most valuable commercial services brand by Brand Finance — for the fourth year in a row and also appears in the ranking of the 10 strongest brands in 2022. Deloitte grows in scale and capabilities expanding its global team of over 345,000 seasoned professionals making an impact across 150 countries, including Brazil.
Deloitte Brazil is one of the marketing leaders connecting over 5,500 professionals on board who are recognized for integrity, competence, and capability to turn their knowledge into the best solutions for their clients. Deloitte’s operations cover throughout the Brazilian territory, with offices in São Paulo, Belo Horizonte, Brasília, Campinas, Curitiba, Fortaleza, Joinville, Porto Alegre, Rio de Janeiro, Ribeirão Preto, Recife and Salvador. With a strong focus on cybersecurity, Deloitte Brazil delivers cyber threat intelligence and cyber threat monitoring services to customers from multiple industry sectors and with different maturity levels helping them to develop and implement effective cybersecurity strategies aligned with their business needs.