Cyber Case Study
Formind

Formind is a cybersecurity pure player, specialized in SOC and CERT consulting and integration, including governance, risk management, protection, operational security, and red teaming. Its client base is diverse, ranging from institutions to small and medium-sized businesses to industry.

The challenges of securing the workspace vary depending on the customer’s context: protection of workstations, servers, data protection against espionage or ransomware, and more.

“One of our objectives is to develop our clients’ cyber maturity. EDR is a gateway that enables us to move on to broader topics such as vulnerability management, for example.”

Geoffrey Montel, SOC Manager – Formind

Formind is an independent integrator that builds its own catalog of solutions while allowing clients to maintain their existing cybersecurity stack. HarfangLab is the platform most often recommended due to several major differentiating factors:

“HarfangLab is a transparent tool, a real white box, which is not the case with all cybersecurity solutions. It’s like a data lake with open rules, making it a perfect playground for our experts, who can push investigations and analyses to the limit.

Detection is very fine-grained, allowing us to spot many more weak signals than with other tools. The console is user-friendly and intuitive, and this sophisticated detection justifies calling on seasoned experts to leverage the large amount of data collected.

Finally, certifications, particularly that of ANSSI (the National Cybersecurity Agency of France), and data retention are other important perks for a SOC team.”

Geoffrey Montel, SOC Manager – Formind

At Formind, it takes, on average, just one month to deploy HarfangLab on 70% of an IT infrastructure with up to 5,000 endpoints. This timeframe allows them to fine-tune the configuration for optimal protection in line with the customer’s needs.

“We start with a test that demonstrates the platform’s value to the customer, using active loads that simulate malicious actions: fake viruses, fake behaviors, etc. We observe the results in real conditions, then move on to deployment in waves.

Following deployment, we keep on improving the configuration to refine the alert system. As HarfangLab enables much more advanced detection than many cybersecurity solutions, this configuration step is crucial to focus on relevant alerts – facilitated by a very well-designed whitelist system.”

Geoffrey Montel, SOC Manager – Formind

The integrator is working on two projects in parallel: a phase with the client to familiarize them with the planned SecOps strategy, and a technical phase with implementation follow-up in coordination with HarfangLab.

“The technical support and quality of HarfangLab’s experts is remarkable! The local support is very responsive, the roadmap is transparent, and developments are aligned with needs in the field. The speed of developments continues to increase, which is impressive for us as partners!”

Geoffrey Montel, SOC Manager – Formind

“HarfangLab allows us to identify events that we cannot see with other tools. For example, our customers discover suspicious behavior in known applications, or connections to services at unusual times with a simple Sigma rule.

We benefit from unparalleled visibility and telemetry, which fully justifies the raison d’être of a SOC properly equipped to collect and leverage all the data needed. 

Since the hood is open, it’s much easier for our customers to develop their skills. In short, all our objectives are met: protection, visibility, and skills development.

Geoffrey Montel, SOC Manager – Formind