The Challenge: Complex Operations, Limited Visibility

Clal Insurance is one of Israel’s largest insurance companies, managing a broad digital footprint across dozens of sites. For David, the Operational Security Lead, the challenge was clear and costly: too much time spent on security operations without a complete understanding of the underlying risks. “Before XM Cyber, solving a single problem could take me an entire day,” David explained. “I couldn’t always understand what was really happening.”

With multiple sites, applications, and users, the Clal security team lacked the essential, end-to-end visibility they needed to connect the dots and act quickly on threats. They were reacting to individual incidents instead of seeing the full attack scenario.

The Solution: End-to-End Scenario Visibility

After exploring other options, the team at Clal approached XM Cyber. The platform immediately transformed the security team’s operations by mapping dynamic attack paths, proactively identifying misconfigurations, and exposing suspicious behavior across their ecosystem. “XM Cyber shows me everything happening in my company,” David said. “From password changes to unauthorized account usage. Before, I couldn’t see these things. Now I can see the entire scenario.”

The deployment was seamlessly supported by XM Cyber’s dedicated team, who assisted in building a robust gateway architecture to secure all agent traffic. David highlighted the value of this partnership: “Whenever I need help, I just call them. They listen, analyze, and solve my problems. The service is excellent.”

The Solution: End-to-End Scenario Visibility
Clal Insurance saw immediate and lasting results across their security posture and operational efficiency:

• Dramatic Time Savings: Incident resolution dropped from a full day to less than an hour, freeing David and his team to focus on strategic security initiatives.
• Complete Scenario Visibility: The team gained the ability to track lateral movement, credential misuse, and domain escalations in real time, moving from incident response to true scenario tracing.
• Proactive Hardening: XM Cyber highlighted critical risks in Active Directory and Azure, such as orphaned groups and inactive accounts, allowing for rapid and effective remediation.
• Simplified Executive Reporting: Intuitive dashboards and risk scores now translate complex security posture into actionable information that senior management can easily understand.

The platform proved its critical value during a recent real-world test: “We saw someone enter the admin domain group by stealing a certificate,” David recounted. “Without XM Cyber, I would never have detected it. With XM Cyber, I traced the full scenario back to the source.”

Recommendation and Future Outlook

David confidently recommends XM Cyber to other organizations under Clal Insurance’s responsibility, emphasizing its role as an indispensable operational tool. “For me, XM Cyber is like a mirror. It shows me exactly what to do,” he said. “I always recommend it, because it saves time, solves problems, and makes everything clearer.”
Looking ahead, Clal Insurance plans to further expand their security capabilities by integrating new XM Cyber modules, to monitor vulnerabilities and certificates across its 35 external sites.