Effective Monitoring and Securing Sensitive IT Resources Using Splunk Enterprise Security

Customer Introduction

The customer is a leading independent oil and gas producer in Nigeria. The company is listed on the Nigerian Stock Exchange and London Stock Exchange and supplies almost a third of the natural gas Nigeria uses to generate power.

Citrus Consulting Services enables effective monitoring and securing of sensitive IT resources using Splunk Enterprise Security for an oil and gas producer in Nigeria.

Challenge Overview

  • Required an application monitoring solution that could be designed, engineered, and operationalized in compliance with PCI.
  • Required a central logging system.
  • Required application security monitoring.
  • Required accurate event triggering with minimal false-positive alerts.

Solution Overview

  • Built SIEM monitoring to comply with Level 1 PCI requirements. Engagement activities included SIEM requirements gathering, design, and deployment.
  • Performed SIEM content tuning to reduce false positive events and alerts and provide more actionable data to Level 1 responders.
  • Developed a solution to monitor for gift card fraud and track the value of loss prevention.
  • Worked with HR to build use cases that would detect unauthorized changes to benefits records and “ghost” recipients.
  • Institutionalized a risk review committee and developed security reporting to track progress against specific risk management and efficiency objectives.

Benefits Delivered to Customer

  • Centralized logging solution in compliance with PCI standards.
  • Collected logs are evaluated against a number of indicators of compromise (IOCs).
  • Real-time threat analysis for consuming and managing threat feeds, detecting threats, and alerting.
  • Real-time dashboard for application teams.
  • Alerts customized to business requirements and fine-tuned to avoid false positives.
