Microsoft Purview

The Challenge 

As a security first business, our client is fully aware of the importance of 24/7 security operations and incident response capabilities. Building on their already strong in-house Security Operations teams and security credentials – including ISO 27001, SOC 2 and Cyber Essentials Plus certification – they were looking for a managed security services (MSS) partner who could help them drive further improvements in their security operations.  

Specifically, they were looking for an MSS partner who could help them achieve 24x7 Managed Detection and Response (MDR) across their entire enterprise and SaaS ecosystem, expand the scope of their security coverage, and help them increase the value of their in-house security team by owning more tactical elements of the Security Operations processes.  

Our client recognised that finding, recruiting, and/ or training new staff to deliver these capabilities in-house would be a lengthy and time-consuming process. With this in mind, they determined that working with an external partner could help them achieve these outcomes at pace. Working with a partner would also allow them to assess the effectiveness of their current capabilities through regular penetration testing.  

The Solution 

To select the right partner, our client sought proposals from several MSS providers. They subsequently reviewed the proposals against their selection criteria and chose the most suitable: Bridewell.  

Our client felt that Bridewell was the best fit, due to their agile methodology and experience within the financial services sector. Instead of providing a standardised service, Bridewell tailored the solution around their individual requirements and pain points. Bridewell also leveraged their experience within the financial services sector and with SaaS providers to deliver a customised service that incorporated insights and expertise from their security analysts, who have years of experience securing organisations with similar challenges.  

Our client already had a cloud based SIEM in place, however Bridewell was able to rapidly integrate this into their security operational processes and DevOps pipelines for content development, management and distribution. 

Following this, Bridewell’s Offensive Testing team also performed an Assumed Breach Test. In comparison to more traditional penetration testing, this assessed Cryptocurrency Company’s capabilities to defend against a cyber attack once their users or devices are already compromised, using threat intelligence to mimic the behaviours of a real-world threat. This provided them with true insight into the potential impacts of an attacker bypassing their external perimeter and their defence and response capabilities.  

Throughout the engagement, Bridewell’s SOC and Offensive Testing teams worked closely with our client to ensure that the was minimal impact to their daily operations and that all projects were delivered promptly. 

The Results 

As part of Bridewell’s SOC, our client now has 24x7 visibility across their entire estate: including enterprise and customer SaaS environments. They are now benefitting from a range of security technologies and higher-fidelity alerts that reduce the number of low-level tickets that require attention. 

Partnering with Bridewell has also enabled them to take a more proactive approach to cyber security, allowing them to make better use of threat intelligence and industry information. Our client has leveraged Bridewell to develop threat hunting for indicators of compromise and behaviours within their environment, and these are used to close any potential vulnerabilities that are commonly attributed to relevant malicious actors.