Cyber
Case Study

 

 

HarfangLab protects France’s 3rd largest fiber optic infrastructure operator. Guillaume Dubuc, CISO, testifies.

Context

Altitude Infra is France’s 3rd largest fiber optic infrastructure operator. The company brings fiber optics to 12.5 million people in France, and deploys, operates and markets its networks in 29 départements. Its sales in 2023 were 700 million euros.

The company urgently needed to secure its information system, not only for the optical fiber itself – i.e., the infrastructure that enables digital data to be transmitted throughout France – but also for the tools created by the company (network management software, infrastructure maintenance tools, etc.).

Guillaume Dubuc, CISO at Altitude Infra, originally had an EPP to secure his information system, but was beginning to see its limits.

“I realized that EPPs and antivirus were no longer sufficient. Attackers just need to change a small comma in a line of code and the attack can go ahead. I found the EDR approach very interesting. In particular, the fact that it detects threats on the basis of behavior, thanks in particular to artificial intelligence, and not just on the basis of signatures.”

Guillaume Dubuc, CISO

His goal? Strengthen threat detection without impacting the business, and with a minimum of in-house human resources.

As Altitude Infra’s teams are largely made up of telecoms engineers, servers and PCs have to be fast, and RAM and CPU consumption limited.

To benefit from specialized expertise and strengthen its security, the company outsourced its SOC, while maintaining an in-house team focused on decision-making and strategy.

Why HarfangLab?

After an analysis of the various EDRs available on the market, and on the advice of MSSP Capfi 6ème sens, his choice fell on the HarfangLab EDR.

Deployment

Within a month, HarfangLab agents were deployed on Altitude Infra’s 1,500 terminals.

“Deployment was easy, and we were well supported by the HarfangLab and Capfi 6ème sens teams. The console interface is also very intuitive and quick to learn.”

Guillaume Dubuc, CISO

 

Support

To meet the need for 24/7 reactivity in the event of a tip-off, Altitude Infra calls on the services of MSSP Capfi 6ème sens.

“Capfi 6ème sens monitors our security tools with a dedicated team, available 24/7. This service provider stands out for its professionalism and the quality of its interventions; they only call on our in-house team in situations where a proven doubt requires in-depth knowledge of our internal processes. What’s more, their choice to work exclusively with French talent and tools (most of which are ANSSI-stamped) ensures responsiveness and compliance with French and European cybersecurity standards.”

Guillaume Dubuc, CISO

Results

Guillaume Dubuc, CISO, is very satisfied with the HarfangLab EDR in terms of threat detection, but not only.

The EDR also enables him to maintain control of the information system, particularly with regard to the use of the information system by local administrator staff.

“It’s very reassuring to have the EDR keeping an eye on what they’re doing, and sending me alerts when necessary. When they install software or forget to run updates, for example.”

Guillaume Dubuc, CISO

What’s more, as the HarfangLab console can be controlled via API, it integrates very easily into any work environment. Guillaume Dubuc has even improved the use of his console by creating a bot that systematically sends him alerts of a certain level in the Teams application.

Employees’ working environment is preserved thanks to limited consumption of machine resources: the HarfangLab EDR requires only ~130 MB of RAM and 0.5% of CPU. This is thanks in particular to the Rust language, which combines performance and lightness. HarfangLab agents can also be deployed and updated without rebooting terminals.

“Businesses can carry on as normal, as the EDR has no impact on the user experience.”

Guillaume Dubuc, CISO