Implementation of QLEAN for QRadar for a Major North American Retailer
Customer
The Customer is a large North American retail company. It operates a wide range of major brands, predominantly in clothing retail, and runs a vast online marketplace as well as brick-and-mortar stores.
Challenge
The Customer values its reputation as a reliable and secure business and constantly strives to enhance its security management and ensure maximum protection for its complex IT infrastructure. The Customer wanted to optimize SOC operations and SIEM administration and free up resources for better offense investigation and threat detection. The company was looking to gain a granular view of its IBM® Security QRadar SIEM deployment and to reduce both alert fatigue and the amount of time required to generate reports.
Solution
An IBM Security Partner with 19 years in cybersecurity, ScienceSoft is one of the largest vendors of highly specialized custom tools and apps for SIEM covering nearly all SOC use cases. Impressed by ScienceSoft’s SIEM tuning and optimization expertise and multifaceted understanding of the underlying threat landscape, the Customer turned to ScienceSoft to resolve its SIEM concerns.
Having analyzed the Customer’s concerns, our team suggested trying a full-featured 30-day proof-of-concept license of our flagship QLEAN App Suite. Its enterprise version offers an advanced automated QRadar SIEM assessment and optimization framework, anomaly detection features and reporting metrics, which the Customer could leverage to unlock the full potential of its QRadar deployment.
ScienceSoft’s team deployed QLEAN in the Customer’s IT environment. The QLEAN engine thoroughly examined the SIEM system in place, automatically detected deviations and suggested remediation actions. The QLEAN dashboards and health markers quickly revealed potential areas for improvement.
ScienceSoft’s QLEAN consultants provided additional actionable insights and delivered customizations specific to the Customer’s QRadar deployment. They helped analyze QLEAN reports and build a strategic QRadar maturity and development roadmap based on QLEAN findings.
Results
Satisfied with the project outcomes, the Customer purchased ScienceSoft’s QLEAN App Suite. The Customer’s IT team underwent comprehensive training by ScienceSoft’s consultants on how to use QLEAN to the maximum benefit. As a result, they managed to significantly improve QRadar performance and ensure top-level IT environment monitoring and offense detection.
Technologies and Tools
QLEAN for IBM® Security QRadar® SIEM system.