Overview

Trixter Helped Samir Agencies Improve their overall Security Posture

Samir Agencies is a well-diversified, leading chemical distribution services company that offers end-to-end supply management and chemical import solutions to a range of customers in India.

The Challenge

Samir Agencies was looking for an infrastructure and security monitoring and managed security analytics solution to meet their requirements, which included:

  • Infrastructure monitoring for security guidelines and compliance
  • Log monitoring and analysis for their applications, services and database
  • Central log analysis and aggregation
  • Data-driven insights to identify and drive necessary process actions

The Solution

Trixter helped Samir Agencies with its Event Monitoring service to resolve issues in central log collection and analysis using Elastic Stack. The following steps were taken to meet Samir Agencies' requirements:

  • 20 event sources were configured
  • 10 critical servers were identified and monitoring was set up for them
  • 50+ alerts were configured for these application servers and customized dashboards were created to enable insights
  • User access management and monitoring was used to generate multiple users and access controls with defined permissions and roles for their employees and third party vendors

Benefits Gained

  • Over 10 reports were generated every month
  • Over 1000 events were monitored every second
  • More than 300 critical events were reported every month
  • Over 100 GB of data is being analyzed every month

Value Additions

  • 300+ Gb log ingestion per month with one-time configuration
  • 43% savings compared with the traditional log analytics stack
  • Security posture improved from 20% to 76% in just a month's time
  • Saved 60% of the development effort for analyzing custom application logs

Tools and Technologies Used

  • Event analytics using Elastic Stack
  • Automated Python and PowerShell scripts to continuously audit compliance in the cloud
  • OpenVAS was deployed to run Vulnerability Assessments for their IT infrastructure