Cybersecurity
Case Study
Defense Industry

HarfangLab protects the IT assets of a major defense industry organization.
Concerned as much by state threats as by cybercrime, the organization deployed HarfangLab EDR On-Premises to protect several thousand endpoints.

harfang-why
Context

Given its defense-related activity, the organization can be the target of state-sponsored attacks, but the boundaries with cybercrime are porous. Indeed, its annual turnover also makes it a top target for ransomware attacks.

Protecting workstations and servers is a priority, as they are prime points of entry for malicious actors.

“Until the release of Windows XP, the trend in security was to set up firewalls that acted as a fortress to protect an IT fleet. This operating system marked a turning point when attackers began to target endpoints, in particular for DDoS attacks. The firewall was no longer enough.

 

Endpoint protection then became a critical issue, and I never saw antivirus as a solution that could cover all risks. To effectively protect endpoints, I’m convinced that EDR is the most appropriate tool.”
SOC Manager – Defense Industry

Why HarfangLab?

For the organization, sovereignty and On-Premises deployment for a heterogeneous IT fleet were priority criteria.

Various solutions were evaluated as part of a call for tenders, and HarfangLab stood out for its technical qualities and support.

In addition, the openness of the solution and the numerous connections to other security tools were also favorable arguments. The ability to integrate intelligence from other tools, to avoid feeling captive, and to be able to compose its cyber shield autonomously were key factors for the organization, which also praises the flexibility and adaptability of the EDR.

“Although we were convinced of the EDR’s technical performance, our purchasing department had reservations due to HarfangLab’s “start-up” status at the time. In addition to the evaluation grid used in our call for tenders, which validated our detection and remediation performance, two other factors weighed in the balance.

 

First: the fact that, at the same time, HarfangLab had successfully prevented a ransomware attack on a French company. We were able to refer to a concrete case that attested to the detection capabilities of the EDR.

 

Second: the quality of the support provided and the teams’ ability to listen were decisive. Every time we gave feedback or made suggestions for improvement, right from the test phase, we felt we were being listened to.”
Cybersecurity Architect – Defense Industry

Deployment

On-premises deployment occured alongside the implementation of a complete infrastructure involving the Project Manager, the SOC Manager, and occasionally network and system administrators.

A total of 5 people were involved over a period of approximately 6 months.

Subsequently, users learned how to configure the system to gain greater autonomy, and all praised the EDR’s adaptability to the organization’s technical constraints.

Support

On the support front, security teams particularly appreciate direct access to HarfangLab’s teams, who manage and know the product inside out, and who are responsive both for improving existing systems and for assisting with platform configuration.

“HarfangLab offers outstanding support. Even as they grow, the teams maintain a close relationship with their users. Another point worth noting: even the managers know the product inside out!”
SOC Manager – Defense Industry

Results

Since deploying HarfangLab’s EDR, security teams have benefited from improved visibility of their information system, and they are reassured about the level of protection afforded to their entire workspace environment.

“We have much better control over our network, and we know that if a security incident occurs, we can contain it and get back up and running quickly. EDR truly is a safety belt!”
Cybersecurity Architect – Defense Industry

“Our sector is heavily constrained by laws and regulations specific to our business and, within this framework, HarfangLab has enabled us to harden protection on all our endpoints and remove doubt whenever necessary. In short, HarfangLab is an ally of the IT Department because its EDR enables extremely fine-grained control of the activity of the workstations and servers to guard against attacks.”
SOC Manager – Defense Industry