LifeLabs is the largest medical lab diagnostic company in Canada. Watch their CISO and VP of Technology Shared Services, Mike Melo, describe how his team uses Reveal Security’s platform to get visibility into how users and identities are interacting with their data and application systems – post authentication.
See how Reveal Security helped them reduce MTTD and MTTR by more than 50% and allows him and his team sleep better at night knowing knowing that their environments are protected!
Transcript
00:03
with the reveal product I feel a lot more comfortable being able to sleep well knowing that our environments are protected and that we have the right level of visibility and capability reveal plays a very critical role in our entire cyber security stack not only are
00:19
we getting actionable intelligence in systems that you know we didn’t really have a solution for but we’re able to meet some pretty stringent contractual and Regulatory requirements because of reveal that there just wasn’t proper solutions for it unless you were to try
00:35
to customize something we leverage reveal not only for alerting and enrichment but also for threat hunting we’ve seen that our analysts are more engaged quicker to interact and understand the actual problems that the tool is telling us about so one of the greatest things with this tool is that
00:59
my team doesn’t have to be sold on it they just luck using it we’ve adopted a lot of new SAS Technologies over the past couple years and one of the most interesting things that we found is there is not a lot of capability once you go P the post authentication phase
01:19
into a SAS application reveal really gives us an ability to understand what are the different elements that are happening beyond that post authentication where most identity and other types of security products focus on the actual authentication themselves reveal takes it a step further and they
01:38
go into all of the defined details of what’s happening in the journey and the interaction with the software beyond that post authentication we can actually now see how identities and users are truly interfacing and interacting with our different applications so
01:56
understanding if certain files are being moved or changed or modified really gives us the proper insights to say hey is this following you know least privilege model is this user supposed to be doing this and being able to identify any sort of Nefarious or things that may
02:14
be questionable leveraging reveals modeling in the background without us having to dig in to this prehistoric methodology around baselining requirements of user Behavior because behaviors change and so it’s quite interesting to see how reveal can take all of these different elements
02:38
contextualize them and give us an extremely accurate representation of how users and identities are interacting with our data and our application systems when we look at the traditional means of identifying threats we ultimately have been chasing this what is known bad threat anomalies reveal
02:59
allows us to not have to focus as much time and attention to creating different rules and kind of wh listing or creating this list of things that we have to find based on her istics it’s able to automate a lot of this for us and also identify and detect unknown threats
03:17
right this is a huge area in security where we don’t have a lot of visibility or ability into identifying unknown threats we see this in the zero day category when we talk about vulnerability management but when it talks to threats and the underlying elements of a threat we can’t possibly
03:35
know all the different types of threats we’ll face so having a tool that we can rely on to be able to watch our backs and have our backs during any sort of threat detection whether it’s known or unknown is huge for us one of the key things that stood out for us early days
03:53
with reveal was the ease of use and their ability to really work with our team and get us that quick time to Value we went from extreme alert fatigue to being able to be more proactive versus reactive and I would say that reveal really allows us to kind of cut through
04:16
a lot of the mundane repetitive tasks and we can also focus on higher priority initiatives and get to better meantime to response and detection metrics using reveal we’ve been ultimately able to reduce things like our meantime to detect and respond by over 50% and in
04:37
some areas we actually now have the means to detect and respond I would absolutely recommend reveal to many of my ciso colleagues I think anybody who’s looking to understand what’s truly happening in their environment reveals the product for it
