CASE STUDY: Mid-size Municipality

Reveald’s Endpoint Defense Management 360°

Helps City of Aurora Respond to Cybersecurity Events


The City of Aurora, Colorado, a mid-size municipality, enhances cybersecurity and receives expert guidance on risk minimization and vulnerability prioritization with Reveald’s Endpoint Defense Management 360° (EDM360°), Reveald’s Continuous Exposure Management 360° (CEM360°), and the Reveald Fusion Center.

Integrations

Endpoint Protection

Active Directory

Aurora’s CISO on CEM360°’s Outstanding Results


“Reveald is a partner, not a paycheck. They jumped into action when our previous MSSP left us in a bad situation and their quick response and professionalism ensured our transition was seamless. Since beginning our relationship with Reveald, our EDR tenant and process has matured significantly. So when I saw CEM360°, it was a no-brainer. CEM360° provided value within the first week of POV, finding exploit paths that had been unknowingly introduced into our environment by well-intentioned administrators.

“CEM360°’s reporting and visualization of attack paths augmented my team’s threat hunting capability overnight by providing real-time, actionable information. Unlike other vendors I’ve used in the past, Reveald has built the platform to provide understandable reporting that explains the threat in detail and provides clear guidance on how to fix the problem. Our IT teams can now visualize complex attacks and close the holes before they become a threat. It’s like having a pen tester on my team that never sleeps!”

Tim McCain, Chief Information Security Officer, City of Aurora

Synopsis

With a population of 399,000, the city of Aurora, Colorado spans 164 square miles and is Colorado’s third largest city. Just minutes away from Denver International Airport, the city includes four school districts and eight campuses of higher learning.

The city’s government includes over 4,000 employees across twenty-two distinct business units. The information technology (IT) department works with city departments to provide leading-edge technology to position the city of Aurora as a leader in the use of technology in local government. The IT department oversees citywide networking, telecom, servers, desktop support, technology planning, and cyber security. It manages over 6,000 endpoints (physical devices that connect to a network system such as computers, virtual machines, embedded devices, mobile devices, and servers).

To protect Aurora’s network and endpoints, the city brought in Reveald to enhance its cybersecurity and provide expert guidance and advanced protection from malicious cyberattacks for all agencies in the city.

Challenge

The city of Aurora was using CrowdStrike Falcon Complete for endpoint protection of its 6,000+ endpoints, real-time threat detection, and proactive threat hunting and was interested in an enhanced service solution to provide support for its CrowdStrike Falcon Complete platform.

Use Cases
CYBER RESILIENCE
Design a cyber strategy across IT, IoT, and OT environments to eliminate attacker potential, improve resilience, and avoid breaches.

VULNERABILITY MANAGEMENT PRIORITIZATION AND OPTIMIZATION
Identify exploitable vulnerabilities in attack paths to reduce the number of vulnerabilities that need to be patched or resolved.

PRIVILEGED IDENTITY & ACCESS MANAGEMENT (PAM) AUDITING AND RISK IDENTIFICATION
Reduce the time and effort to identify and remedy PAM issues that are likely to lead to a cybersecurity incident or breach.

INCIDENT RESPONSE, RECOVERY, AND PREPARATION
Proactive strategies and reactive case data for swift incident management.

ASSET MANAGEMENT
Comprehensive tracking and understanding of systems and devices. Management of digital assets to ensure data integrity and value preservation.

NEUTRALIZE THREAT ACTORS
Rapidly identify systems a threat actor group will attack if they have the opportunity, including how the attack will occur and what actions are required to neutralize the issues.

EXECUTIVE REPORTING
Provide executive level communications on risk posture and recommendations for improvement.

Solution

Aurora’s IT department chose Reveald’s Endpoint Defense Management 360° (EDM360°) subscription service and the Reveald Fusion Center to work with the CrowdStrike team to provide a complete turnkey experience. EDM360° provides managed detection and response (MDR) for CrowdStrike Falcon Complete users. It reduces costs by consolidating tools and vendors, with full visibility across a client’s full set of Falcon modules. Its white glove service manages deployment, configuration, tuning, and optimization of the Falcon environment, minimizing the attack surface.

The experts in Reveald’s Cyber Fusion Center deliver proactive management, configuration, monitoring, and hands-on response to cyber threats, in close collaboration with the CrowdStrike Falcon Complete and Security Operations teams.

Because Reveald and CrowdStrike together deliver a complete solution, Aurora was confident that EDM360°’s features combined with the Fusion Center team would provide the level of cybersecurity service and support the city required.


Results

Using a consistent and predictable onboarding approach, Reveald’s client success team held weekly onboarding meetings with Aurora’s IT department. One of the key benefits of the engagement is that the IT department has consistent contact with Reveald team members. Reveald’s client success team ensures that relationships are formed and that everything works well throughout the engagement and surpasses expectations. By ensuring Aurora has a relationship with a Reveald client support manager willing to meet at hours convenient to Aurora’s IT department, the city was confident that issues and unexpected events would be handled with remarkable responsiveness.

Once onboarding was complete, Aurora’s IT department began working with Reveald’s Fusion Center team and the combined group moved to bi-monthly or monthly meetings, depending on Aurora’s needs.

Reveald’s Fusion Center team provides 24/7 hands-on response to cyber threats in close collaboration with the CrowdStrike Falcon Complete team. Throughout the engagement, and to the present day, the Reveald Fusion Center team delivers measurements and key results against the city of Aurora’s organizational objectives. Additionally, whenever things occur that need extra attention, Aurora can contact its Reveald client success manager (CSM) for a meeting and receive immediate attention and results, and the Fusion Center team is always happy and willing to spend whatever time necessary to address the city’s events, often going above and beyond.

At different points during the engagement, the city experienced escalated events. Reveald’s Fusion Center team partnered with Aurora’s IT team on the research, resolution, and strategy for responding to these events. The city has been using EDM360° and working with the Fusion Center team for over a year and Reveald continues to provide services to the city in any way necessary for endpoint management, defense, and alerts.

Next Steps

As a result of the successful EDM360° engagement, Aurora’s IT department worked with Reveald on an on-site proof of value (PoV) analysis to demonstrate the effectiveness of a continuous threat exposure management (CTEM) program delivered via Reveald’s Continuous Exposure Management package, CEM360°.

CEM360° leverages Reveald’s Epiphany Intelligence Platform and expert analysts from the Reveald Fusion Center to provide CTEM around-the-clock, 24/7. This service is based on attack graph analysis, leading to business risk reduction outcomes by ingesting and aggregating data from a variety of sources, automated security analysis, validation, reporting, and guided resolution.

The PoV went extremely well and the city of Aurora is embarking on a new and expanded relationship with Reveald as it begins implementing CTEM with CEM360°.
