How Swimlane helps ProCircular deliver higher-quality results to improve security operations performance metrics.
About ProCircular
ProCircular is a Managed Security Service Provider (MSSP) focused on delivering cybersecurity expertise for a wide range of clients. From full-service monitoring and consulting to security posture assessments, ProCircular enables organizations to confidently manage their cybersecurity risk with information security services. The security team at ProCircular is tasked with providing realistic, actionable and expert guidance to organizations looking to improve their security readiness, meet regulatory commitments, and address the ever-changing landscape of cyber threats. ProCircular currently serves a diverse client base in education, finance, government, healthcare, manufacturing, transportation, defense contractors, and more.
The Challenge
As an MSSP, security is at the core of ProCircular. That means quickly adapting to the unique needs of the clients they serve across all industries, many with strict compliance requirements. The ProCircular cybersecurity operations team began to see their clients add different security products and solutions into their technology stacks. Managing these new tools took a great deal of effort. As ProCircular CTO Brandon Potter explained, “the time and the effort and the overhead to manually integrate and develop integrations into other platforms – or to reduce some of that manual overhead – really takes a toll”.
Hiring more security professionals wasn’t the solution. Not only are there an estimated 600,000 unfilled cybersecurity positions in the United States, but the search for security experts with a background in niche client industry tools can quickly prove fruitless.
As Potter describes it, “people are expensive, especially good people – and no one wants to provide an inferior service. We want the right talent, the right experts”. To maximize the bandwidth of their existing personnel, Potter acknowledges that the ProCircular team needed to focus on the repetitive tasks in their processes. “Let’s remove the manual need for that. Let’s make sure we’re leveraging the technology to the fullest to provide more efficiency and capacity within the team”.
How Swimlane Helped
ProCircular’s CyberOps team needed a solution that could help in two major ways:
- Automate and orchestrate repetitive tasks to save time, effort, and overhead
- Offer a flexible platform that’s easy to implement, scale, and integrate with a range of client tools
As part of their services, ProCircular offers managed XDR, EDR, SIEM, and SOCaaS solutions – all of which require security analysts to perform time-consuming, repetitive tasks. ProCircular identified this as a key area where automation could step in to reduce the workload for their teams.
“We’re able to integrate multiple different tool sets, whether they’re client-owned or ProCircular provided. It provides that much-needed automation and orchestration where we can integrate threat intelligence inquiries to really bring the high fidelity alerts up to the front. This gives us more time to hunt for the needle in the haystack, rather than triaging things that are known. We can spend expert time on expert tasks.”
“Swimlane is really going to be the backend brain of our technology stack for the future. Not only will it help with automation and orchestration, but the big draw for us was the flexibility and ease of integration for a more product-agnostic approach. So we’re not going in with one vendor – we’re much more flexible.”
“Given the flexibility of Swimlane, we will absolutely look – even outside of the security operations center – for use cases where we might be able to enhance processes with automation”.
Quick Wins with Security Automation
The results were immediate for ProCircular. In the short amount of time they have been a Swimlane customer, they have experienced beneficial results that improve their security performance and grow their business. Read the ProCircular case study for more details, but here are the highlights:
Increase in Efficiency – “During our 45-day proof of value time…we saw close to a 60% efficiency increase on our team.”
Improve Security Metrics – “Swimlane really is the glue that holds everything together in our security stack. We have all of these unique and individual toolsets. With Swimlane, we’re allowed to cohesively bring that together and provide those higher-fidelity alerts – and reduce our mean-time-to-detect and mean-time-to-respond.”
Faster Event Triage – “We’re seeing a significant uptick in the number of events we can triage in a timely manner, and declassify or raise the priority using some SIEM triage playbooking as well as some EDR playbooking.”
Growth in Customer Acquisition – “In order to do this much work, we would’ve had to add an additional three or four analysts immediately to handle the amount that we’re handling. So we’ve been able to add more clients strategically without expanding our cost with additional staff or reducing the quality of our service delivery.”