Large Scale SIEM Implementation
Technical implementation coordination and project management for a Security Information and Event Management (SIEM) platform based on IBM QRadar.
Brief
A leading German IT banking service provider faced the challenge of consolidating their complex cybersecurity monitoring landscape into a unified Security Information and Event Management (SIEM) solution. The project encompassed the integration of over 40,000 assets into the new centralized SIEM platform and the development of more than 380 customized monitoring use cases specific to their banking environment.
BxC led the implementation of this comprehensive SIEM solution, ensuring complete visibility across the organization's IT infrastructure. The team established sophisticated detection and response capabilities while adhering to strict banking industry security standards. Through careful orchestration of the implementation process, the solution now provides holistic security monitoring and robust threat detection across all critical banking systems.
3 years project runtime
380+ platform-specific use cases
40,000+ log sources
Our Activities
Technical Project Management and Project Lead
We optimized project delivery through a hybrid project management approach: structured waterfall planning for strategic timeline management, combined with agile methods for flexible execution, improved both efficiency and predictability. This balanced framework provides clear milestones and deliverables while retaining the adaptability that complex security implementations require.
Coordination Of System Connections
We orchestrated the vendor transition and stakeholder management throughout the migration. Our team served as the primary liaison with the new solution provider, streamlining communication and coordinating cross-functional implementation efforts. We ran strategic workshops across business units, ensuring proactive information flow and minimal disruption to client operations while keeping the project on track and resources used efficiently.
Coordination Of Use Case Development
We coordinated the development of an extensive SIEM security monitoring framework comprising over 380 platform-specific use cases aligned with MITRE ATT&CK, and led a team of 18 security analysts and developers across multiple vendor platforms to establish comprehensive threat detection capabilities. This monitoring framework enables targeted threat detection and response across the entire industrial technology landscape.
Our Contribution to Success
Sustainable Implementation
Harmonization of the existing logging and monitoring infrastructure into a central SIEM solution, including the technical implementation and operationalization of all required processes.
Realized Use Cases
Designed, developed, and implemented over 380 platform-specific monitoring use cases, including detection rules for security incidents, compliance monitoring, threat detection scenarios, and automated response workflows, all tailored to the specific requirements of the banking environment and its regulatory frameworks.
Log Source Integration
Integrated and standardized more than 40,000 log sources across the enterprise infrastructure, implementing a harmonized logging approach with streamlined collection technologies, unified parsing methods, and normalized data formats, so that security monitoring and analysis are consistent and efficient across all banking systems and applications.