Foreign espionage was a primary concern for a security team in the nuclear energy sector that needed to protect intellectual property and trade secrets from dedicated attackers. They needed a solution that would provide real-time visibility at the network and endpoint layers, detect previously unknown threats, and combat more mundane threats like intentional or unintentional misuse.
This case study provides an overview of:
- How to detect previously unknown threats;
- A product that provides real-time visibility at the network and endpoint layers;
- Detection rules that identify and block traffic that maps to intel.