Managing Security Operation Centre (SOC) for a Large Bank in India

We partnered with India’s top bank to enhance their Security Operation Centre, ensuring robust protection and seamless banking services.

Business Issue

The client’s Security Operation Centre (SOC) faced significant challenges in maintaining secure banking services. Key issues included limited threat visibility and log aggregation; inadequate protection against ransomware, phishing, and social engineering; and the need to scale log ingestion from 50,000 to 120,000 events per second (EPS) due to the bank’s growth.

These challenges hindered the bank's ability to provide safe and secure services to its customers. Addressing these issues was critical to maintaining the bank's reputation and ensuring customer trust.

Solution

To improve security monitoring, we integrated an SIEM tool into the existing architecture, aligning it with company policies. This integration enhanced data visibility by synchronizing existing data and creating a comprehensive view of the entire landscape on a single dashboard.

We also expanded the SOC to accommodate new devices and branches resulting from the bank’s growth. The robust security infrastructure was built using RSA NetWitness, Bluefox, Nagios, Trend Micro, and Smokescreen, ensuring comprehensive protection.

Outcomes

The enhanced SOC protected the bank’s systems against internal and external threats, including ransomware, malware, and phishing attacks. User access rights were assigned based on roles, adhering to company policies.

The solution provided end-to-end visibility, enabling the identification and quarantine of all types of threats. This comprehensive approach ensured a secure and reliable banking environment for the bank’s customers.