Cyber
Case Study
RTBF

The Belgian French-language public broadcaster (RTBF) is an autonomous public company responsible for radio, television, and web broadcasting for the French-speaking community of Belgium.

Agent performance and a lightweight footprint are critical for this media organization, which protects its servers with HarfangLab.

Context

RTBF is a public service media outlet. On a daily basis, the organization is targeted by all types of threats: phishing and social engineering, DDoS attacks, vulnerability discovery, and exploitation attempts. Following a ransomware attack targeting one of its partners, the IT teams sought to strengthen their security posture and launched a public tender to equip their servers with a cybersecurity platform.

Within a constrained budget, certain criteria were paramount, including: the ability to support legacy systems (the IT infrastructure is heterogeneous, with different OS versions), the possibility of connecting with an external SOC, and the ability to perform updates without restarting endpoints.

“Workstations were already equipped with Microsoft Defender. We wanted a solution that was both cost-effective and high-performing for our servers, one that would allow us to update without rebooting, and to scale as we increase the number of servers covered by the solution.”

Arno Alexandre, System Administrator

Why HarfangLab?

The lightweight nature of HarfangLab’s agent was a decisive advantage for RTBF’s security teams. The agent, developed in RUST, has a very low impact on endpoint performance. Ease of use and interface ergonomics also played a significant role:

“On a daily basis, we receive numerous security alerts related to user workstations on the information system, and we also receive alerts for servers. We see a clear difference in the way HarfangLab’s interface is designed: it is clean and streamlined, which makes it easier to maintain the agent, collect logs, and handle alerts.”

Quentin Latzel, Cybersecurity Operations Coordinator

Deployment and support

Agent installation was very fast, requiring only a single resource.

“Installing the agent takes about 1 minute, or even a few seconds when automated. The documentation is very comprehensive, and we have access to an online training platform to deepen our knowledge of the platform and become more self-sufficient.

We don’t need support on a daily basis, but when we have a question, we contact the technical team and receive a response the same day.”

Arno Alexandre, System Administrator

Results

Since deploying HarfangLab, RTBF’s security teams have gained better visibility into their workspace and have improved their security posture.

The platform’s simplicity allows teams to independently manage whitelists, add or modify detection rules, and efficiently investigate data when a security alert is triggered.

In addition, agent update deployments can be automated while still giving security teams full control over which version to deploy.

“The whitelist management system is well designed, with highly granular rules per user or per endpoint, and precise information for fine-tuning security policies.

The agent can also be uninstalled remotely with ease, which is very practical for managing the endpoints of temporary staff.”

Quentin Latzel, Cybersecurity Operations Coordinator

 

“Since deploying HarfangLab, no one has complained about endpoint slowdowns. The promises of a lightweight agent and seamless updates have been fully delivered.

Furthermore, following the disclosure of a new Linux vulnerability, we were able to confirm that the EDR effectively protected us against its exploitation. We can rely with full confidence on HarfangLab’s protection capabilities, and we can continuously optimize them by customizing the detection rules to fit our specific environment. The platform stands out for its performance, its lightweight footprint, and its ease of use.”

Arno Alexandre, System Administrator

Try out our platform in your workspace