This post was last updated on September 17th, 2019 at 04:01 pm
Case Study Overview
A midstream natural gas company with significant investments in cybersecurity defenses, including an EDR platform, next-gen firewalls, stateful packet inspection, and more, recognized the need to certify their defenses are working as expected...
Find out how an oil and gas company leveraged the Infocyte HUNT platform for a compromise assessment, to validate and reinforce existing defensive technologies and strengthen their entire cybersecurity ecosystem.
This midstream natural gas transportation and distribution company provides gas to light and heavy industries, petrochemical facilities, and desalination, power, refinery, steel and cement plants. The customer operates an extensive network of gas pipelines, compressors and supply stations.
The company had already made significant capital and operational investments into defensive solutions to protect its IT assets and corporate data. These investments include endpoint detection and response (EDR), network monitoring, next-generation firewalls, stateful packet inspection, and more. As an operator of critical infrastructure, the company can’t afford to fall victim to ransomware or some other type of cyber attack.
The customer decided to run a comprehensive compromise assessment on its entire estate in order to validate the strength of the existing defenses. It chose Infocyte HUNT to conduct this critical assessment.
The customer and Infocyte worked together to scan all 800 endpoints within the IT infrastructure to ensure complete visibility. Using Infocyte HUNT, the customer scanned all its endpoints in just two days, including those that were initially offline or undiscoverable. Following the scans, Infocyte performed the in-depth threat analysis.
Within 30 minutes, Infocyte discovered an unknown piece of software that had been injected into a system process. The customer’s network team determined that the program in question was malware that had been tailored specifically to attack this enterprise. The malicious software had successfully bypassed the customer’s network and endpoint defenses, including its EDR solution.
“We saw measurable value in layering Infocyte on top of our EDR deployment. Infocyte HUNT offers insight into memory-resident threats. Coupled with the visibility that EDR provides into event-driven data from processes, the file system, the registry and more, using these tools together makes a powerful combination.”
- Senior Engineer, IT Security
Given that the nature of the data under attack met the threshold of national security concerns, an ROI for the Infocyte engagement was demonstrated with a single discovery. At the same time, the discovery of malware by Infocyte HUNT underscored the customer’s need for a new class of control: the ability to define and manage dwell time.
Accordingly, the customer has moved to budget and procure enterprise licenses of Infocyte HUNT to give them the ability to run daily scans and discover malware within 24 hours of first execution.
Read our natural gas case study to learn more about what Infocyte HUNT found in this environment and how it was resolved.