Fortune 500 Global Retailer


        Maturity Score increased by 113% in the first 30 days



  • 4500+ Global Stores
  • 270,000+ Global Employees
  • >$40 billion annual revenue
  • SIEM = Splunk Enterprise, ES


  • Currently generating >7K warnings signals into the events of interest to drive threat hunting and threat scenario correlation
  • Prioritized 3 platforms (ex. Windows, Linux, AWS) and 16 Threat Groups, scoping out 133 Priority Techniques across MITRE ATT&CK
  • Using Automation, improved parsing and normalization around data feeds for endpoint and proxy.
  • Added rules identified by the platform that improved coverage on high priority techniques
  • 5.5 hours to deploy content that would have taken >324 hours to develop, test and deploy*

“The product is easy to follow and has a great flow. I didn’t know some of these features could exist.”

-SOC Manager