Customer Wins

Delivering Continuous Exposure Management for a Global Leader in ERP

Posted by: Bill Bradley
February 08, 2024
Delivering Continuous Exposure Management for a Global Leader in ERP
Getting your Trinity Audio player ready...

Situation:

Enterprise Resource Planning (ERP) software helps global businesses run 24x7x365 operations. And just like any other vertical, ERP software providers need to ensure robust cybersecurity programs so they can continually meet the needs of their customers while reducing risk and improving security posture. This global leader in ERP has over 50 security tools in their portfolio, but have long struggled to deliver an effective defensive architecture and demonstrate cyber resilience.

 

While they leveraged multiple best of breed solutions, these tools were too narrowly scoped to deliver a consolidated view of the organization’s entire enterprise risk profile without significant manual effort. Moreover, many of their solutions were focused on providing reactive intelligence after an incident occurred instead of  taking steps to prevent an incident in the first place. They needed an ounce of prevention to provide a pound of cure.

 

Action:

A cross-functional team including IT, Security, Cloud Architects and the XM Cyber project lead built a program to deploy and integrate the XM Cyber Continuous Exposure Management Platform throughout the entire business. The initial focus was on high value lines of business where rigorous testing was conducted to ensure a smooth go-live with the XM platform. The organization also looked at how they could pair XM Cyber into their ERP solution to deliver a secure and powerful business solution to their global customer base.

 

Outcome:

Thus far, the organization has seen benefits for IT, IS, the Cloud team, and the overall business. With XM Cyber, the Security team runs continuous scenarios that simulate potential breaches but without the risk of impacting production systems or leaving breadcrumbs for attackers to later leverage. These tests then feed a prioritized list of the exposures, both in the on-prem environment and in their cloud infrastructure.

 

This business wide perspective on risk enables IT, Security, and the Cloud team to have data-driven discussions about the remediations needed and reduce the average time to remediate. In the case where exposures can’t be patched, they focus on hardening, best practices, or adjacent exposures can be addressed, to reduce the risk of a critical asset being compromised.

 

Additionally, as the organization has modernized their business, they have adopted Kubernetes (K8s) to manage cloud-native workloads and now have a comprehensive view of risks and excessive permissions across all Kubernetes clusters.

 

****

 

Want to learn more about how XM can give you a continuous view into exposures and the prioritized guidance to fix the most impactful items? Click here for a custom demo. Not ready for a conversation? Click here for a video of the platform.

Related Topics


Bill Bradley

Bill is Sr Director of Product Marketing for XM Cyber and brings a diverse background of sales, product management, and marketing to the role. He knows enough of cybersecurity to be dangerous, but also when to seek expert guidance.

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.