[DDHBOX Introduction Case] Industrial Machinery Manufacturer / Industrial Machinery
A case where C2 communication, which is likely to occur after an intrusion, was detected and blocked to prevent data exfiltration!
We would like to introduce a case where the security solution "DDHBOX" for exit measures was implemented by an industrial machinery manufacturer.

In light of reports of ransomware attacks in the same industry, concerns about external communications after an infection were increasing. There was also the challenge of understanding what constituted normal communication, given the high volume of interactions with overseas locations and partner companies.

The product was installed at the network exit of the main site, with notifications set to go to "General Affairs and Information Systems + Executives." Monthly reports were regularly presented at management meetings, establishing a framework for the PDCA cycle.

[Case Overview]
■ Challenge: Considered implementing EDR, but operational burden was a bottleneck
■ Solution: Clarified the role distribution between existing UTM/EDR (entry/internal/exit)
■ Effects:
- Initial response procedures, such as device isolation, were triggered by notifications
- A system was established to regularly explain the status of countermeasures through reports

*For more details, please download the PDF or feel free to contact us.
- Company: ネクフル
- Price: Other