Two years ago, attackers had Newark-based telecom and payments provider IDT Corp. pinned down.
Security staffers had their hands full dealing with a constant inflow of attacks against the company's infrastructure.
Sorting out real attacks from false positives, cleaning up malware, and ensuring that infections didn't spread could take hours -- or longer -- for a single incident. Meanwhile, every additional minute that an infected machine stayed on the network was that much more opportunity for the attackers to bury themselves deep or to make lateral jumps to other machines.
By automating the incident response process, IDT was able to reduce the time before the infection was quarantined, shorten the remediation cycle, reduce investigation time, and free up security staff to go after the bad guys themselves.