Carter Ledyard & Milburn LLP leverages Log360 for enhanced threat detection

Breaking down the business requirements

Carter Ledyard & Milburn LLP recognized the increasing sophistication of cyberthreats and the need to bolster its defenses, particularly against ransomware attacks. Matt Ruzich, IT director at Carter Ledyard, explained his team's dual focus:

A key challenge was limited visibility into network activity. The firm lacked a comprehensive system to monitor user behavior, track changes to files and folders, and receive alerts about suspicious events. This made it difficult to proactively identify and respond to potential security breaches. Furthermore, the firm needed a more efficient way to manage critical events like user lockouts and unlocks, requiring a system that could provide timely notifications. Essentially, Carter Ledyard needed a more robust system for monitoring, alerting, and incident response to strengthen its overall security posture.

The solution: ManageEngine Log360

Carter Ledyard selected ManageEngine Log360 after evaluating other SIEM solutions. The firm's prior positive experience with other ManageEngine products played a role in this decision. Log360's real-time alert capabilities, especially for Active Directory activity, were crucial in addressing the firm's core requirements. Hamid Mukhtar, system administrator at Carter Ledyard, said,

The immediate notifications have enabled the firm to investigate any suspicious changes to user accounts, permissions, or other critical Active Directory objects promptly. This proactive approach has helped mitigate the risks of unauthorized access and potential data breaches. While Log360 offers comprehensive dashboards for visualizing security data and trends, the team at Carter Ledyard has primarily relied on the real-time alerts for day-to-day monitoring and immediate threat detection. This has allowed the team to focus on responding to active threats quickly and efficiently.

Streamlined implementation and expert support

The implementation of Log360 benefited significantly from the expert support provided by ManageEngine through its OnboardPro service. This hands-on assistance proved invaluable for a smooth, efficient deployment. Ruzich said,yed a key role in addressing any concerns and ensuring a seamless transition. This proactive support ensured a successful deployment and ongoing operational success.

Mukhtar concurred, emphasizing the value of expert guidance in navigating the complexities of the custom installation and configuration.

Carter Ledyard highly appreciated the Log360 team's responsiveness in addressing any implementation challenges, including providing timely patches for unforeseen issues. The firm also considered OnboardPro's comprehensive onboarding services essential to maximizing the benefits of Log360 from the outset.

Outcomes and improvements

Since implementing Log360, Carter Ledyard has significantly improved its network visibility and gained greater control over its IT environment. The real-time alerts have proven to be a key asset, enabling proactive monitoring of Active Directory and quick responses to potential threats. This enhanced monitoring capability has helped the firm identify and address any suspicious activity before it escalates into a serious security incident.

Beyond immediate threat detection, the detailed logs and audit trails provided by Log360 have positioned the firm well for future compliance audits. It now has readily available evidence of its security practices and can easily demonstrate compliance with relevant regulations.

When asked about recommending Log360, Ruzich summarized the firm's satisfaction by saying, “I mean, in a similar environment to us, I'd [rate it] between an 8 and a 9.” Overall, Log360 has provided Carter Ledyard with a stronger security posture, improved incident response capabilities, and better preparation for compliance requirements.

About OnboardPro

OnboardPro is a ManageEngine service that provides solution implementation to clients upon request. This service includes the installation and customized configuration of ManageEngine solutions. It enables clients to seamlessly begin work without worrying about the complexities of product installation, deployment, and use. Every client environment is unique and requires additional support beyond the basic installation and standard features. With custom onboarding, clients have the option to engage a team of product experts to manage the installation, implementation, customization, and training based on their business needs.

About Log360

Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates and responds to security threats. Vigil IQ, the solution's TDIR module, combines threat intelligence, an analytical Incident Workbench, ML-based anomaly detection and rule-based attack detection techniques to detect sophisticated attacks, and it offers an incident management console for effectively remediating detected threats. Log360 provides holistic security visibility across on-premises, cloud, and hybrid networks with its intuitive and advanced security analytics and monitoring capabilities. For more information about Log360, visit manageengine.com/log-management/ and follow the LinkedIn page for regular updates.