Established by former officers from the U.S. intelligence community and based in Washington, DC, Nisos provides technology-enabled cybersecurity services and investigations. The company is a trusted partner to many Fortune 500 firms that need to secure their on-premise and cloud-based assets to avoid existential threats to their businesses.
“Our value is tied directly to the speed at which we can react. If we can move quickly, we can prevent the spread, which means less data is infected, and fewer resources have to work on cleanup. MixMode AI quickly identifies anomalies so we can alert our clients and start our investigations.”
Travis Peska, Nisos’ Managing Director of Network Operations
The Challenge: Manual Audits Impact Efficiency
After suffering a possible breach, a client approached the team at Nisos for help evaluating the security of their AWS environment. The client was concerned about possible malicious activity on the part of a former employee who had maintained an AWS Identity and Access Management (IAM) account after being separated.
To understand the scale of the possible breach, Nisos needed to export and manually review all of the client’s CloudTrail logs, a resource-intensive and time-consuming exercise.
“Speed and accuracy are important in our investigations,” said Peska. “This AWS account had roughly 10 to 15 API calls every second. Just manually exporting the CloudTrail logs was killing our machine. It took hours, and we finally ran out of inodes, so we couldn’t cease and write to disk.”
Read the case study here to find out how Nisos used MixMode’s context-aware AI to solve this challenge, create evolving baselines of its clients’ networks, and quickly report anomalous activity.