The world’s first Dynamic Threat Detection Platform
Learn about MixMode’s Dynamic Threat Detection Solutions
MixMode’s use cases for your cyber initiatives
How customers in different industries utilize MixMode
The City of Phoenix’s cybersecurity leaders, Shannon Lawson and Mitch Kohlbecher, have been at the forefront of adopting new technology to solve the fundamental problem perplexing cybersecurity leaders everywhere: how can we reduce our ever-expanding, costly and inefficient cyber tool footprint while also increasing the effectiveness of our cyber defenses and the productivity of our lean SOC team?
Shannon Lawson, CISO for the City of Phoenix, and Geoffrey Coulehan, Head of Sales for MixMode recently joined forces for a fireside chat at the Evanta CISO Summit in Phoenix, AZ. Lawson and Coulehan have been partnering together for almost three years to transform the City’s cybersecurity initiatives and Security Operations Center (SOC).
Unsupervised learning actually draws inferences from datasets without labels. It is best used if you want to find patterns but don’t know exactly what you’re looking for.
In our newest case study, “How a Major U.S. City Rapidly Modernized Its Cybersecurity Defenses,” we share how the City cut its cyber tool footprint in half, gained visibility into advanced foreign adversary attacks, and greatly improved the productivity of its SOC staff.
The nation’s largest Financial Services providers are a favorite target for nation-state sponsored and coordinated cyber-attacks. Despite significantly more financial and resource investment in cybersecurity than any other industry, critical infrastructure breaches and novel attacks remain a daily occurrence.
MixMode’s Head of Sales and Alliances, Geoff Coulehan, shares how MixMode was able to identify critical risk factors coming from inside bad actors that had gone undetected by a large U.S. city’s SIEM and UBA platforms despite their multi-year deployments and their decision to decommission their User Behavior Analytics (UBA) platform.
Within the first 24 hours after deployment, MixMode had enabled the government entity to regain control over the security environment and network data infrastructure. No longer limited to log data analysis, they were able to identify and address real-time threats as well as network and operational configuration challenges.
Ultimately, MixMode found, the log-based SIEM approach resulted in five times the amount of data that needed to be stored, a cost that was passed along to the government entity.
The only truly workable network solution must bridge the inherent gaps that exist throughout [infrastructure] systems. It must also be capable enough to root out hidden vulnerabilities ripe for hacking.
A large utility company approached MixMode with the following scenario: The enterprise SOC was utilizing a shared SIEM application that was being utilized by several stakeholders: the networking team, the SCADA team, the dev-ops team, the compliance team and cybersecurity teams for “basic search and investigation of log files to meet regulatory compliance requirements”.
Over the past two quarters, MixMode partners, clients, and internal team members have worked together to develop extensive whitepaper and case study resources to share the research, technology, and successes associated with the MixMode platform.
After suffering a possible breach, a client approached the team at Nisos for help evaluating the security of their AWS environment. The client was concerned about possible malicious activity on the part of a former employee who had maintained an AWS Identity and Access Management (IAM) account after being separated.
This year on the MixMode blog, we have covered headline stories, analyzed every pain point within network security, and shared what we believe to be some of the most innovative solutions to help you analyze network traffic, surface threats and anomalies, and stop attacks using autonomous AI.
In October, 2019 a MixMode customer experienced an incident where an external entity attacked a web server located in their DMZ, compromised it, and then pivoted internally through the DMZ to attempt access of a customer database. While the attacker was successful in penetrating the customer’s network, MixMode was able to detect the event before they were successful in penetrating the customer database.