Why RV Connex Chose Swimlane As “The Powerhouse” Of Their SOC

3 Minute Read

RV Connex is a Thailand-based company that specializes in national defense and space manufacturing. Since RV Connex has implemented security automation they have achieved significant progress. Tanajak Watanakij, Vice President of Cybersecurity and Chief Information Security Officer (CISO), is leading the charge in R V Connex’s cybersecurity initiatives. He emphasized the transformative results enabled by automation, highlighting a remarkable 300% increase in the customer-to-analyst ratio.

Just by implementing Swimlane’s low-code automation platform, Watanakij was able to scale RV Connex’s internal operations inside and outside the security operations center (SOC) and externally for their managed detection and response (MDR) customers. According to Watanakij, Swimlane’s professional services team offers “unwavering support” for the platform. Whether it involves developing new integrations at no cost or engaging the CTO to ensure optimal automation is scaling across the entire organization, Swimlane fulfills all of RV Connex’s requirements.

Continue reading to dive deep into the distinct use cases and exceptional outcomes that RV Connex gained with Swimlane.

Company-Wide Automation Results Unlocked 

Say goodbye to the old and hello to the new – RV Connex did exactly that. With automation, Watanakij and his team revolutionized their SOC and incident response capabilities. 

They got rid of manual processes such as manual customer engagement and command line dispatches, and replaced it with streamlined automation. As a direct result, there was a substantial reduction in response times for their customers. But it didn’t stop there – RV Connex went beyond conventional SOC use cases and leveraged automation for use cases including fraud case management and employee onboarding and offboarding

Now, let’s delve into each of these particular use cases where RV Connex harnesses Swimlane’s AI-enabled low-code automation.

Automated Retro Threat Hunting Fuels Rapid MDR Business Growth

RV Connex accelerated their time to detection, triage, investigation, and response by using automation to streamline alert prioritization so they can accurately differentiate true from false positives. Integrating Swimlane into their customers’ threat intelligence platforms fortified defenses against prevalent malware and ransomware attacks. Additionally, RV Connex facilitated automated “retro threat hunting,” a continuous monitoring for severe indicators of compromise (IOCs). For example, malware and ransomware attacks. All of this contributed to RV Connex’s rapid business scalability in just 2-3 years of starting their MDR solution, Cynclair.

  • 300% Increase in Customer-to-Analyst Ratio: Previously, a SOC analyst could merely manage 2 – 3 customers, but now that number has surged to an impressive 8 – 10 customers per analyst. 

Vulnerability Management Strengthens Company-Wide Security

Rv Connex integrated Swimlane into their vulnerability scanning servers, access management systems, and past management tools. This automation streamlined vulnerability detection, assessment, and remediation actions, significantly reducing their teams workload. 

  • Enhanced Analyst Efficiency Beyond Customer Scenarios: The RV Connex SecOps team reclaimed valuable time, enabling them to not only dedicate their time to MDR processes but also internal priorities, strengthening the company’s overall security posture.

Enhanced Visibility with Fraud Case Management Dashboards 

According to Watanakij, their SOC is far from traditional and referred to it as a “cyber-fusion center,” blending cybersecurity and fraud prevention together. Swimlane served as their case management and automation platform, facilitating seamless collaboration with internal fraud experts at RV Connex.

  • Automated Dashboards Utilized for Customer Visibility: RV Connex used automation to develop integrated algorithms while Swimlane automated each transaction and provided customer dashboards. Previously, customers lacked visibility into their transactions and data. Now, Swimlane efficiently oversees all data streams, automatically providing customers with comprehensive dashboards.

Automated HR Processes and Access Management

For RV Connex, automation had no limits; they embraced it throughout the entire organization. Swimlane was integrated into HR databases such as Monday.com and active directory systems, where their team was able to seamlessly automate various processes.

  • Automated Employee Onboarding and Offboarding: In the past, RV Connex would have required a more extensive HR team, but with automation, they are now able to streamline various HR processes, including employee onboarding and offboarding.

Guidance for Organizations Embarking on Their Security Automation Journey

If you’re looking to get started with security automation, but not sure where to begin, the RV Connex team has some quick tips for you:

  1. Establish the processes to automate before building playbooks 
  1. Search for a vendor who offers the support & professional services to help you if and when you get stuck 
  1. Choose a security automation platform that will scale with your business and help address the ever-evolving cybersecurity challenges today and in the future

Last but not least, Watanakij assures anyone looking to utilize Swimlane will not be disappointed, “I would recommend for anyone considering SOAR, to consider Swimlane first”.

Calculate your ROI with Swimlane Turbine

To help companies evaluate the potential financial impact of the potential investment, TAG Cyber conducted an extensive study on the Swimlane Security Automation Solution.


Request a Live Demo