About Us

Citrus Consulting Services is the Consulting and the Transformation Services arm of Redington Gulf.


Next Gen Monitoring Solution with Enterprise Security for BFSI Sector

Customer Introduction

Citrus Consulting FZ LLC was engaged by one of the leading banks of Africa to design and implement a Splunk Enterprise Security solution for both its Production and Dev sites, following industry-standard best practices, to help it effectively monitor and collect secure audit trails for the sensitive IT resources placed in its new AWS environment.

Along with project delivery, Citrus Consulting FZ LLC provides Managed Support Services, monitoring 24×7 and alerting the respective teams to prevailing threats with remedies to mitigate them.

Citrus Consulting Services Implements Next Gen Monitoring Solution with Enterprise Security for BFSI Sector.

Palo Alto Benefits

The Palo Alto Networks VM-Series firewall is the virtualized form of the Palo Alto Networks next-generation firewall. It is positioned for use in a virtualized or cloud environment where it can protect and secure east-west and north-south traffic.

It allows you to meet all your demands with automatable, scalable and easy-to-deploy virtual firewalls ideal for environments where deploying hardware firewalls is difficult or impossible. VM-Series virtual firewalls provide all the capabilities of the Palo Alto Networks next-generation hardware firewall in a virtual machine form factor, so you can secure the environments that are vital for your competitiveness and innovation.

Challenge Overview

  • Required a monitoring solution for the application that could be designed, engineered and operationalized as per PCI compliance.
  • Required to comply with Level 1 PCI requirements.
  • Accurate event triggering and minimum false positive alerts.
  • Track the value of loss prevention.
  • Build use cases to detect unauthorized changes.
  • Monitor and scan for prevailing threats.
  • On-time mitigation for the threats.
  • Monitor resource health and generate alerts for the same.

Solution Overview

  • Built SIEM monitoring to comply with Level 1 PCI requirements. Engagement activities included SIEM requirements gathering, design, and deployment.
  • Performed SIEM content tuning to reduce false positive events and alerts and provide more actionable data to Level 1 responders.
  • Developed solution to monitor for gift card fraud and track value of loss prevention.
  • Worked with HR to build use cases that would detect unauthorized changes to benefits records and “ghost” recipients.
  • Institutionalized a risk review committee and developed security reporting to track progress against specific risk management and efficiency objectives.

Benefits Delivered to Customer

  • End-to-end configuration and troubleshooting support for Splunk, with alerts fine-tuned by in-house security experts.
  • Configurations in sync with the best practices of industry standards and as per ISO 27001 and PCI compliance standards.
  • Monthly and quarterly reporting for active and passive threats.
  • Ticket raising and strict adherence to SLAs as agreed upon.
  • Adhering to strict timelines to ensure smooth completion of the project.
  • Cost effective.

Project Info