Use cases

Insider threats

Industry: Trade union
Size: 250 employees
Subject: Junior Accountant

Initial security challenge

The company lacked visibility within their infrastructure.

With an organizational security audit approaching, they were looking for a visibility tool that could prepare them and help refine internal policies.

Visibility with Jazz

The platform could see that a Junior Accountant had used their company-issued laptop from a vacation site on a public holiday, accessed pension statements from email attachments, and sent them to a nearby printer.

The ability to see a logical sequence of events across several attributes would not have been possible without the Jazz Platform.

Data protection

Industry: Industrial automation
Size: 1,200 employees
Subject: Sales Consultant

Initial security challenge

The customer was concerned about protecting customer data.

Their lack of visibility into their globally distributed workforce, paired with VPN enforcement issues, led them to decide against network-based solutions.

Visibility with Jazz

Although USBs were intended to be disabled for all devices, the platform identified a sales consultant who had been making regular backups of customer data to a USB drive. The ability to see a logical sequence of events across several attributes would not have been possible without the Jazz Platform.

The platform could see all file names on the USB and the frequency of use, which indicated that this had gone unnoticed for months.

The platform provided full visibility into their distributed workforce, enabling them to uncover additional corporate policy violations for cloud storage.

Employee training

Industry: Property management
Size: 150 employees
Subject: CFO

Initial security challenge

The company was looking for extended endpoint visibility and to increase the efficiency of their troubleshooting process.

Visibility with Jazz

Using the platform’s native search engine, Jazz uncovered a file, ‘passwords.doc’, that the company’s CFO used daily on a shared drive.

The document contained text of the individual’s usernames and passwords, which violated the company’s security policy.

Because the search engine doesn’t require query language knowledge, uncovering details like file names, frequency of use, and movement is simple and fast.

External attacks

Industry: Technology consulting services
Size: 400 employees
Subject: Bash Bunny / External physical attack

Initial security challenge

The customer had a wide variety of security technology vendors, but they were looking for deeper endpoint visibility.

Because the customer had questions around Bash Bunny visibility and protection, a controlled attack was conducted on the customer’s machine to understand the granularity of detail the platform could provide.

Visibility with Jazz

Immediately after insertion, the Bash Bunny ran a script to access the machine’s WLAN profile and dump details on wireless networks and passwords to a file.

On the Jazz platform, the customer was able to see:

  • The script being run
  • Exact commands to dump the WLAN profiles
  • That there was a new process for that machine
  • Details of the USB composite device, with a vendor ID and serial number

Threat hunting

Industry: Financial services
Size: 250 employees
Subject: IT Analyst

Initial security challenge

The customer had a variety of security products and was very satisfied with the alert efficiency of their detection tools, but they were suffering from a lag when they had to troubleshoot or investigate an alert.

Searching for information was cumbersome, and they often required more details than their data logs were providing.

Visibility with Jazz

One of the customer’s IT Analysts downloaded Nmap to scan servers and SSH into them as part of a red team test.

With the Jazz agent installed on the employee’s machine and the servers, a clear, logical series of events showed:

  • The download
  • Which servers were scanned
  • Connections between the endpoint and servers
  • A list of Nmap exploitation scripts

Join the most secure businesses

Protect more with fewer tools. Experience how Jazz Networks protects your organization today with the 30-day free cloud trial. Jazz Networks’ analyst team will give you a threat hunt report in 30 days free of charge.
