Making a leading ride-share company more CAPABLE with improved endpoint security.
A massive ride-sharing company serving millions of customers had a recent bout of negative PR, and couldn’t risk a breach, or any sort of data exfiltration.
Endpoint security was one area where improvements could be made. We determined various methods in which their system could be exploited, creating a robust testing plan, and then built out our Test Lab to mimic their environment, and test each technology against it.
Our Key Challenges
Securing critical production systems to avoid future data breaches, and to be able to maintain security as they continued to grow.
Evaluating next generation anti-virus and endpoint detection and response tools against modern advanced persistent threats.
Meeting their requirements for integration for their custom SIEM and other platforms.
Providing streamlined and effective threat-hunting capabilities.
Our Pathway to a Solution
We developed a detailed testing plan around the specific use cases they outlined, focusing on each solution’s capability of protecting against malware and attacks; visibility to endpoint and environment; remediation and response; and their administrative functionalities.
We created exploit strategies based on the MITRE ATT&CK framework for testing advanced attack detection and prevention.
We worked directly with vendors to understand limitations on modules, and tactics they use to prevent attacks.
Creating a Custom Solution
• We provided a comprehensive, 100-page tech report with our pros and cons for different vendors.
• Our analysis included every possible angle with regard to security, usability, and administration. This gave them the chance to make a truly educated choice in vendor products going forward.
As a result of our audit and report, we were able to show they needed greater endpoint protection before filing for IPO.