RAVENii Uses MixMode Cloud Detection for AWS to Stop Insider Attack

RAVENii, a leading managed services provider, was launched in 2014, bringing decades of front-line experience across many cybersecurity domains while harnessing the power of its global network of seasoned security experts to keep abreast of the ever-changing threat landscape. Today, RAVENii supports multiple organizations with its “Gray Matter” approach to cybersecurity in an unceasing effort to improve its customers’ security postures.

RAVENii makes security event and log management easy and affordable with its managed SIEM Wave 3 Solution powered by MixMode.

Problem:

A national insurance company was infiltrated by a disgruntled employee who tried to utilize multiple cloud services, including AWS, to mask his activity. 

Solution:

RAVENii was called in to investigate and remediate the incident and uncover the extent of infiltration. 

Result:

RAVENii installed MixMode’s Cloud Detection and Response (CDR) solution for AWS within the client’s environment to instantly monitor network activity. Within minutes, MixMode’s CDR for AWS provided visibility into log traffic, enabling RAVENii to connect logs back to the offending accounts and terminate access. RAVENii also extended the real-time monitoring capabilities to include all development environments moving forward. The client’s environment was fully secured, and the client was armed with the necessary information to seek civil reparations and criminal charges.

“Organizations continue to buy point solutions that overlap with things we already know. There needs to be a change in the paradigm on how we detect and defend. The cyber attackers have access to the AI tools we have as well to create more sophisticated attacks. MixMode’s solution and cloud detection capabilities help level the playing field.” Marty King, CRO at RAVENii