
The existing system's age limited data processing and analysis, and passive monitoring operations resulted in a lengthy threat response time (30 minutes).
We upgraded and implemented SecuLayer's eyeCloudXOAR (SIEM, SOAR) product. We standardized the threat response process by implementing an operational automation playbook.
By integrating with the Palo Alto firewall for blocking, we significantly reduced the security response time from 30 minutes to under 1 minute. This improved response quality, regardless of individual capabilities.