A large utility company approached MixMode with the following scenario: The enterprise SOC was utilizing a shared SIEM application that was being utilized by several stakeholders: the networking team, the SCADA team, the dev-ops team, the compliance team and cybersecurity teams for “basic search and investigation of log files to meet regulatory compliance requirements”.
Over the past two quarters, MixMode partners, clients, and internal team members have worked together to develop extensive whitepaper and case study resources to share the research, technology, and successes associated with the MixMode platform.
After suffering a possible breach, a client approached the team at Nisos for help evaluating the security of their AWS environment. The client was concerned about possible malicious activity on the part of a former employee who had maintained an AWS Identity and Access Management (IAM) account after being separated.
This year on the MixMode blog, we have covered headline stories, analyzed every pain point within network security, and shared what we believe to be some of the most innovative solutions to help you analyze network traffic, surface threats and anomalies, and stop attacks using autonomous AI.
In October, 2019 a MixMode customer experienced an incident where an external entity attacked a web server located in their DMZ, compromised it, and then pivoted internally through the DMZ to attempt access of a customer database. While the attacker was successful in penetrating the customer’s network, MixMode was able to detect the event before they were successful in penetrating the customer database.
