Overseen by the Ministry of Entrepreneur Development and Cooperatives (MEDAC) of Malaysia, the Urban Development Authority (UDA) is a property developer that manages and operates real estate as well as provides services for housing, lifestyle, retail, and hospitality sectors. Renowned as one of the top ten property developers in the market, UDA has played an instrumental role in the development of Selangor, Kuala Lumpur, Penang, Johor, and more. To improve the developer’s overall security posture and gain visibility into its extended IT landscape, UDA has chosen LogRhythm SIEM Platform.
The Business Challenge
Blind Spots in Cybersecurity
As a company that is responsible for many governmental, commercial, and residential property development projects throughout Malaysia, it is imperative for UDA to ensure that their data, clients’ information, and assets are well protected. However, not only did the cybersecurity team lack the resources, they also lacked the experience and expertise to adequately handle the volume and complexity of both external and internal threats to UDA.
In other words, the team had been unnecessarily spending a substantial amount of time and resources manually detecting threats, which include DDoS, ransomware, brute force, and phishing attacks. Additionally, this manual detection — in the blind — also meant that it was harder to differentiate between real threats and false positives, resulting in a huge impediment to their ability to respond and remediate cyberthreats in the shortest possible time. Eventually, their ability to satisfy compliance regulations was also impacted.
Consequently, the team realized that they needed a security information event management (SIEM) solution that could enhance and centralize visibility, detect advanced threats, and respond to incidents effectively around the clock.
Following an evaluation of cybersecurity vendors, UDA selected LogRhythm for its ease of deployment and use, user interface, and out-of-the-box content for threat detection and compliance. Recognized for its leader’s position in the Gartner SIEM Magic Quadrant, LogRhythm also surpassed its competitors in terms of scalability, cost-effectiveness, and customer-focused support system that enabled the UDA team to hit the ground running quickly. In fact, it only took an hour for UDA’s IT engineers to understand and familiarise with LogRhythm’s dashboard, which did not require any advanced scripting skills in order to manage it.
Since working with LogRhythm, UDA has gained full visibility into their network and system — of internal and external threats — enabled by threat intelligence. Their efficiency and accuracy have also increased, as they were able to dial back on addressing false positives, and instead focus on real threats that were of high priority.
Reduced Detection and Response Times
Given the vast landscape of data and information UDA holds, the large organization needs to ensure that they can identify threats attempting to hide within that maze of information swiftly. With LogRhythm’s RespondX, UDA was able to streamline the investigation and mitigation of threats by coordinating and automating as many steps in the response workflow as possible. This means greater efficiency and speed in detecting and responding to anomalous activity, thus minimizing damage to the business.
Coupled with having full visibility on the origin of attacks and security environment, the UDA team found additional value in the platform, which served as the central repository for all associated evidence and case management. This immensely helped the UDA team’s time management on tracking and remediating cases, as they were able to view a real-time news feed of all completed actions associated with a timestamp for each case. In fact, by aligning their processes with LogRhythm SIEM, the team was able to cut down on mean time to detect and response times from between 48 and 72 hours to just under 30 minutes.
Orchestrating Workflows Intelligently and Swiftly
The adoption of LogRhythm’s SIEM solution has strengthened UDA’s ISO 27001:2013 certification application, which is now in process. It covers various areas in incident response and information integrity through a unified hub orchestrating workflow. The positive results and achievements with LogRhythm have led to UDA placing the platform at the center of its security IT universe, with the IT team looking at closer collaboration efforts for a 24/7 Security Operations Centre (SOC) and the possible inclusion of cloud deployment.
LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.
With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.
Explore LogRhythm Case Studies
eFinance Strengthens the Digital Payment Security Ecosystem in Egypt with LogRhythm SIEM
eFinance is a national developer of digital payments infrastructure in Egypt and has successfully built a solid foundation to provide industry leading fintech solutions across the nation. It is an integral partner in the Egyptian government’s push for digitization. eFinance’s flagship
LogRhythm helps to mature security operations of Central Banks in Asia Pacific
Central banks play an important role in facilitating economic and financial stability in their respective countries. Broadly speaking, they do this by establishing monetary policy to achieve low and stable inflation, developing the financial system infrastructure, and regulating the financial
Global Fintech Company Deploys LogRhythm’s SIEM to Minimize Cybersecurity Risk and Maximize ROI
A global fintech company needed a way to drive greater efficiency into its cybersecurity posture by achieving measurable time and cost savings. As the threat landscape continues to grow for the financial services industry, it needed to find the right