Customer Story: Mid-Sized Manufacturing Firm

Written by Eric Pitt | Sep 25, 2024 2:57:41 PM
Industry: Manufacturing
Driver: Company Needed SIEM for Greater Visibility
Company Size: 200

The Challenge

With a limited IT budget and staff, the mid-sized manufacturing firm needed an easy-to-use SIEM for detection and monitoring that could seamlessly integrate with Microsoft 365 and Cisco Umbrella.

The Solution

The manufacturing firm used Blumira’s Free SIEM to quickly gain greater visibility into the security of their Microsoft 365 environment and reduce time spent on noisy alerts.

"[Blumira] has the ability to absorb information from all different places, collate it, and give you a result and analysis that is understandable and easy to work with."

Anonymous
IT System Administrator

Mid-Sized Manufacturing Firm

Founded in 1980, the mid-sized manufacturing firm serves a diverse range of industries, including fresh produce, processed foods, meat, fish, beverages, and industrial packaging.

The Challenge: Seeking Low-Maintenance SIEM to Enhance Availability and Visibility

The manufacturing firm’s IT manager leads a small team of two, ensuring secure system access for numerous vendors and monitoring for potential malicious activity. With limited security expertise, their IT team sought a low-effort, high-value solution to help maintain system availability and quickly resolve potential threats.

"Our business operates 24/7, so we need to make sure everything stays up and running. A ransomware attack would have a serious negative impact on us, and we want to be prepared for that. If such an incident occurs, we need to be able to recover quickly," their IT manager said.

In addition to strengthening their security posture, the manufacturing firm needed to reduce the time spent dealing with constant security alerts. Their IT manager’s team previously used Snort, an open-source network intrusion detection system. Although it was a free solution, Snort inundated their IT team with a high volume of alerts, many of which were false positives.

"[Snort] is quite a monster. One thing I didn’t like about Snort was the high volume of alerts, many of which were false positives. It came with a lot of noise," their IT manager said.

The Solution: Blumira’s Free SIEM Frees Up Time and Staff

Their IT manager’s team discovered Blumira and signed up for the Free SIEM version to secure their Microsoft 365 application. With Blumira, the manufacturing firm immediately gained greater visibility into their environment and significantly reduced the time spent reviewing superfluous alerts from their previous security solution. Blumira eliminated unnecessary noise, giving their IT team pre-tuned behavior-based detections that sent real-time findings.

“With Blumira, when you get an alert, it’s something real to look at that’s worth investigating,” their IT manager said. “I liked that it was very low noise.”

The manufacturing firm’s small IT team used Blumira’s Free SIEM to quickly aggregate and centralize all logs, without relying on network engineers to complete manual security tasks. Blumira’s platform comes with built-in detection rules that are automatically deployed and continuously developed, maintained, and tuned by a team of incident detection engineers.

“[Blumira] takes a bit of that pressure off to constantly be analyzing logs in depth. You don't have to manually check the logs all the time because you're too busy,” their IT manager said. “I hardly ever log in, I just wait for the alerts. And then if there's something there, then I'll go look at them. That's the advantage of [Blumira], that's what we want it for.”

Blumira’s ease of deployment and use provided significant value and time savings to the manufacturing firm’s small IT team. They were able to integrate Blumira with their Microsoft 365 and Cisco Umbrella applications and get their SIEM up and running the same day.

“The initial implementation took less than two hours. It was really easy—I just went through the online documentation. The guide provided simple, straightforward steps,” their IT manager said.

Incident Response Guides for Real-Time Findings

Blumira provides security playbooks for every finding, guiding users through timely and effective threat response. Blumira’s security team gives actionable next steps, informed by contextual information for compliance, auditing, or investigation purposes.

“I like the step-by-step response procedure that Blumira runs you through. It’s helpful to see the whole path with the playbook and resolutions that give you a direction,” their IT manager said. “It's like having another set of eyes on the network. And that's what I really liked about it.”