The 'How-to' handbook for digital success

Security services for vulnerability management and risk mitigation

A leading US-based mortgage software solution provider uses Microland’s Security Operations Center (SOC) to improve and manage its cyber security posture

Microland’s SOC provides 24X7X365 cyber security in accordance with the NIST framework, resulting in lowered incidents and faster response to incidents. 

▼ 86% reduction in patching time for critical and high priority security vulnerabilities

▼ 83% reduction in average age of vulnerabilities

86%
reduction in patching time
83%
reduction in average age of vulnerabilities
Client

The client is a software company that processes 35% of U.S. mortgage applications. Their services are aimed at lenders and are provided in a Software-as-a-Service model (SaaS) that streamlines and automates the process of originating and funding new mortgage loans and facilitates regulatory compliance.

Business Goal

The client’s business serves an industry where regulatory compliance is among the foremost considerations and it is critical to keep all business-related IT infrastructure and data secure. Therefore, the client wanted a partner to provide a Security Operations Center (SOC) for vulnerability management and to monitor, detect, investigate, analyze and respond to phishing attempts, virus and Trojan attacks, DDoS and Ransomware. The goal was to ensure that confidentiality, integrity and availability (CIA) was maintained and all risks were addressed.

Microland Solutions

After analyzing the client’s needs, Microland recommended and implemented the following solutions:

  • Vulnerability Management - conducted for all internal and external locations via weekly Authenticated Scans and Unauthenticated Scans
    • 4 unique external vulnerabilities remediated
    • 53 unique internal production environment vulnerabilities remediated
    • 115 unique pre-production and corporate environment vulnerabilities remediated
  • Manual implementation - of the client’s asset IPs and Subnets has been conducted for all environments (corporate, production, AllRegs and Velocify)
  • Security Monitoring - primarily through Splunk but also includes other tools such as Zscaler, Trend Micro and Cofense
    • Security monitoring is done proactively for each security tool on the SOC/CSIRT toolbox
    • User behavior analysis is conducted through Exabeam UBA
  • Incident Response – by Microland SOC that conducts 24X7X365 operations
    • Security incidents are managed using the incident response lifecycle and NIST Cyber Security Framework 
  • Metrics/ Reporting - for Security incidents, vulnerabilities, patching and remediation have been created and are tracked and recorded
    • Enabled via a SNOW dashboard
Business Outcomes

Microland’s methodical assessment and security expertise combined with industry best practices resulted in a significant enhancement of IT and data security. All security incidents have been handled and resolved within the defined SLAs reducing overall risk.

Within a calendar year, five types of threats were remediated. These included phishing (count: 2,241), health activity (count: 1,219), malicious activity (count: 1,189), vulnerability (count: 755) and reconnaissance (count: 1,625).

The client is now able to:

  • Manage major threats targeting VIP users via a 24X7 Security Event monitoring capability
  • Manage patching of critical and high priority security vulnerabilities faster (cycle time reduced from 7 days to 24 hours)
  • Investigate and act immediately on all phishing emails round the clock
  • Address all zero-day vulnerability and malware threats via threat intelligence
Read more
Cyber concerned? We’re here to help
More Case Studies
  • Microland delivers a complete cybersecurity solution for one of the largest waste management solution providers in the US.
  • A leading US-based mortgage software solution provider uses Microland’s Security Operations Center (SOC) to improve and manage its cybersecurity posture.
  • A Fortune 20 conglomerate increases predictability and reduces cost by leveraging Microland’s advanced security management and risk mitigation processes.
  • Microland provides Security Operations Services (SOC) to monitor, identify, contain and remediate threats to IT infrastructure and data for an India-based pharmaceutical company.