Overseen by the Ministry of Entrepreneur Development and Cooperatives (MEDAC) of Malaysia, the Urban Development Authority (UDA) is a property developer that manages and operates real estate as well as provides services for housing, lifestyle, retail, and hospitality sectors. Renowned as one of the top ten property developers in the market, UDA has played an instrumental role in the development of Selangor, Kuala Lumpur, Penang, Johor, and more. To improve the developer’s overall security posture and gain visibility into its extended IT landscape, UDA has chosen LogRhythm SIEM Platform.
The Business Challenge
Blind Spots in Cybersecurity
As a company that is responsible for many governmental, commercial, and residential property development projects throughout Malaysia, it is imperative for UDA to ensure that their data, clients’ information, and assets are well protected. However, not only did the cybersecurity team lack the resources, they also lacked the experience and expertise to adequately handle the volume and complexity of both external and internal threats to UDA.
In other words, the team had been unnecessarily spending a substantial amount of time and resources manually detecting threats, which include DDoS, ransomware, brute force, and phishing attacks. Additionally, this manual detection — in the blind — also meant that it was harder to differentiate between real threats and false positives, resulting in a huge impediment to their ability to respond and remediate cyberthreats in the shortest possible time. Eventually, their ability to satisfy compliance regulations was also impacted.
Consequently, the team realized that they needed a security information event management (SIEM) solution that could enhance and centralize visibility, detect advanced threats, and respond to incidents effectively around the clock.
The Solution
Full Visibility
Following an evaluation of cybersecurity vendors, UDA selected LogRhythm for its ease of deployment and use, user interface, and out-of-the-box content for threat detection and compliance. Recognized for its leader’s position in the Gartner SIEM Magic Quadrant, LogRhythm also surpassed its competitors in terms of scalability, cost-effectiveness, and customer-focused support system that enabled the UDA team to hit the ground running quickly. In fact, it only took an hour for UDA’s IT engineers to understand and familiarise with LogRhythm’s dashboard, which did not require any advanced scripting skills in order to manage it.
Since working with LogRhythm, UDA has gained full visibility into their network and system — of internal and external threats — enabled by threat intelligence. Their efficiency and accuracy have also increased, as they were able to dial back on addressing false positives, and instead focus on real threats that were of high priority.
Reduced Detection and Response Times
Given the vast landscape of data and information UDA holds, the large organization needs to ensure that they can identify threats attempting to hide within that maze of information swiftly. With LogRhythm’s RespondX, UDA was able to streamline the investigation and mitigation of threats by coordinating and automating as many steps in the response workflow as possible. This means greater efficiency and speed in detecting and responding to anomalous activity, thus minimizing damage to the business.
Coupled with having full visibility on the origin of attacks and security environment, the UDA team found additional value in the platform, which served as the central repository for all associated evidence and case management. This immensely helped the UDA team’s time management on tracking and remediating cases, as they were able to view a real-time news feed of all completed actions associated with a timestamp for each case. In fact, by aligning their processes with LogRhythm SIEM, the team was able to cut down on mean time to detect and response times from between 48 and 72 hours to just under 30 minutes.
Orchestrating Workflows Intelligently and Swiftly
The adoption of LogRhythm’s SIEM solution has strengthened UDA’s ISO 27001:2013 certification application, which is now in process. It covers various areas in incident response and information integrity through a unified hub orchestrating workflow. The positive results and achievements with LogRhythm have led to UDA placing the platform at the center of its security IT universe, with the IT team looking at closer collaboration efforts for a 24/7 Security Operations Centre (SOC) and the possible inclusion of cloud deployment.
About LogRhythm
LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.
With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.
Explore LogRhythm Case Studies
Healthcare Software Company Gains Comprehensive Visibility with LogRhythm Axon
A healthcare identity access provider was looking for a security information and event management (SIEM) platform that could maximize visibility into potential threats and boost analyst efficiency. Due to the nature of their business and the sensitive customer data they
Dataproof Uses LogRhythm’s SOC Services to Deliver End-to-End Cyber Resilience in Africa
Dataproof Communications is a leading IT Services and Consulting Company specializing in cybersecurity operations, best practices, and technologies. Based in Johannesburg, Dataproof’s mission is to provide first-class cybersecurity solutions to its customers across Africa. It delivers its large base of
The Football Association Deploys LogRhythm to Bring Greater Cyber Maturity to the Sport Industry
The Football Association (FA), English football’s governing body, was formed in 1863 to oversee, promote and develop English football at all levels, from grassroots through to the professional game. Its core objectives include ensuring that The Emirates FA Cup remains