Integration Case: Design and develop data feed for Security Information and Event Management (SIEM) analysis to meet security policy objectives for data controls and auditing

Client:

National grocery retailer with one of the world’s largest implementations of Workday

Challenge:

Our client, like most companies today, faces an increasing number of cybersecurity threats that impact many different aspects of their business. As part of their risk management and mitigation strategy, they initiated a project to generate sophisticated reporting and analysis of security-related incidents and events related to their Workday instance. These reports included details such as successful and failed logins, malware activity, and other possible malicious/suspicious activities.

To facilitate the automation of this solution, the client asked Dispatch to identify data sources that could contain evidence of security-related events and to build integrations to pull that data into their security analytics engine.

Solution:

Dispatch identified data sources and report content (such as bank account change velocity, compensation plan deltas, security group membership, password reset events, and Workday account change velocity) for review and analysis by the SIEM implementation team. Using the Workday Enterprise Interface Builder (EIB), Dispatch then developed and scheduled the integration to deliver Workday data and logs used to build the SIEM reports.

 
