Building a SIEM for Legacy Platform Compliance

The Challenge

A large U.S. health insurer deployed a security information and event management (SIEM) solution to bolster its program capabilities. However, the SIEM was incompatible with the legacy computing platforms that ran the majority of the insurer's core business, which undercut its value. Continuous false-positive compliance alerts caused by this incompatibility threatened the value of the entire investment. Without the budget to overhaul the foundational infrastructure of the business, the SIEM seemed like a loss.

The Solution

Level Nine’s technical subject matter experts assisted in developing new interfaces that allowed the SIEM to properly monitor legacy technology. During the engagement, the Level Nine team identified a number of software defects in the implemented solution that prevented accurate information processing. As a result, Level Nine engineers spent several months working with the software vendor to develop fixes for these issues and construct solutions that enabled the client to monitor their legacy computing systems.

In 2016 cybersecurity spending topped $80 billion.

Are you getting the most out of your investments?

After the Engagement

Since the engagement, the client has achieved 100% compliance with its own monitoring standard for most of its legacy technologies, and as close to 100% as technically possible for the others. The client now effectively monitors its most critical IT assets and uses the captured information in its incident response and investigatory processes.

© 2019 Level Nine Group