Build more sophisticated use cases to improve accuracy of identifying advanced persistent threats (APTs) for a more timely and targeted response.
Like all financial institutions today, Rabobank is barraged on a daily basis with cyber threats from every imaginable vector. Phishing schemes and malware are a constant nuisance, but the biggest challenge comes from advanced persistent threats – stealthy, continuous hacking attacks by very clever cyber criminals. APTs are often difficult to detect and may be active in a network for months until they are found. At that point, however, damage in the form of data loss or business disruption may already have been inflicted.
For years Rabobank relied on RSA enVision to analyze security alerts. To improve productivity and effectiveness of its security management team, Rabobank needed to build much more sophisticated use cases to provide contextual relevance around security alerts. However, enVision did not provide the necessary capabilities, and new developments from RSA were slow in coming to market.