How this Managed Detection and Response Team Automated Cybersecurity Reports to Customers from Elasticsearch Kibana
This case study will show how Cynet, a cybersecurity platform and service provider from Israel, automated emailing of security reports to its customers in PDF format from its Elasticsearch-Kibana security data lake and freed up more than 20 hours per month of employee time.
Visual security reports help the Cynet Managed Threat Detection and Response (MDR) service team demonstrate the value of their unique solution to customers and meet customer SLA requirements. Cynet easily accomplished its goal of automating insightful cybersecurity reports to its major customers within one month and freed up tens of hours per month for its Operations team.
In this case study, we’ll show you how reporting helps the Cynet MDR Cybersecurity Operations Team and how Cynet accomplished this key business requirement.
Cynet’s Unique Approach to Cybersecurity
More than ever, cybersecurity is top of mind for all organizations. The recent SolarWinds hack not only highlights the sophistication of the attacks, but also brings to the forefront the need for an equally sophisticated cybersecurity strategy and operations in every organization. This is exactly the forte of Cynet, a cybersecurity platform and services provider based in Israel.
Cynet was started in Israel five years ago to focus on endpoint detection and protection while delivering an included security service on top of its dedicated Cynet 360 platform. The unique advantage of Cynet is that its Managed Threat Detection and Response (MDR) service is included free of cost with the Cynet 360 platform for all its customers. Its customers include large and medium-sized organizations such as Allianz, Costa Crociere, and East Boston Neighborhood Health Center.
The Secret Sauce of Cynet Managed Detection & Response Service
Cynet’s MDR service is offered by the Cyber Operations (CyOps) team, which is led by Shiran Grinberg, CyOps Manager, and Sivan Chachashvili, CyOps Team Leader. The CyOps team is a 24×7 SWAT team of seasoned professionals focused on identifying threats and vulnerabilities in customer environments and providing the human oversight necessary to detect and respond in a timely manner.
On any given day, the CyOps team goes through tons of data and alerts coming from the customer environment. They use Elasticsearch to capture and analyze the customer environment security data. Kibana is used to visualize the data. The CyOps team analyzes the alerts and decides if the alerts are traces of malicious activity. If they are malicious, a chain of events called Incident Response is initiated to mitigate and remediate the threat in the customer environment.
Using Cybersecurity Reports to Drive
The CyOps team needed to present the findings from their analysis to clients in a visual manner. While the Cynet 360 platform is used for monitoring activity, customers needed monthly and quarterly reports on the security posture of their environments. These reports not only give customers insight into their cybersecurity readiness but also help Cynet accentuate the value delivered by its unique combination of MDR platform and CyOps service. The reports increase customer retention and also differentiate Cynet from its competitors.
Check out the complete video of Shiran and Sivan speaking about their company and how they use Skedler for MDR Reporting from Kibana.
Manual Reporting from Kibana was
Since the open source version of Kibana lacked reporting capability, the CyOps team had to manually create these reports for each of its customers. They would first create the visualizations in Kibana, take screenshots, paste them into a report, format the report, email it to their customer and repeat it for each and every customer.
Needless to say, this was a cumbersome and time-consuming process. A CyOps team member was spending several days per month creating these customer reports. It became unsustainable and forced the CyOps team to look for tools that could automate report creation and distribution.
Cynet Automates Export of Kibana Reports
The CyOps team evaluated three potential solutions for Kibana reporting and ultimately chose Skedler as their Kibana reporting solution. “We just took Skedler as it was the best solution for us,” says Sivan Chachashvili. For the CyOps team, the benefit is the manpower and time saved every month by no longer spending countless hours taking screenshots and manually creating reports for customers.
“Within one month, we have produced 20 reports for most major customers using Skedler and we’ve already started to gain traction”, says Shiran Grinberg, CyOps Team Manager at Cynet.
Last Word, But Not the Least, from CyOps Team
Skedler’s technical prowess was not the only factor that impressed Cynet. Shiran and team were pleased with the sales and after-sales support provided by the Skedler team. “Sales and support team is a part of the overall picture or the overall product. Once you have people who you can communicate with, they understand you and you understand them, it makes everything way easier,” concludes Shiran.
If you are looking for a Kibana Reporting and/or Grafana reporting solution, be sure to test drive Skedler.