Freight Giant Uncovers Zero-day Breach with Bitglass

Case Study

A multi-national transportation company turned to Bitglass' CASB for their annual audit. The auditors wanted to catalog shadow IT cloud apps on their network for their annual compliance report. Bitglass was able to do that and a whole lot more.

Auditors at this firm contacted Bitglass and simply uploaded two weeks of firewall logs, approximately 2M log lines per day. Bitglass did the rest.

Bitglass' Zero-day Shadow IT Discovery solution identified four high-risk cloud apps widely used on the network. The top-ranked high-risk apps were YouTube, MSN, Facebook, Dropbox, and Evernote. The company had previously blocked Gmail and Yahoo due to security concerns. These cloud apps were a compliance risk and merited mention in the annual audit, but there was worse news.

Bitglass also uncovered a TOR (The Onion Router) node operating within the corporate network. In repressive societies, TOR plays a valuable role in enabling the uncensored flow of information. In free societies, TOR is used almost entirely for criminal enterprise—porn, drugs and data exfiltration. Bitglass found sustained traffic to about 200 nodes in the TOR network during the two-week span. Bitglass alerted the audit and security teams at the customer.

Remediation was swift. Using pinpoint diagnostics from Bitglass' reports, the customer was able to track down the breached device. The customer also upgraded to next-gen firewalls to improve visibility.

Once a hacker gets inside the network, even the latest firewalls can do nothing. New risks and new hacks cause breaches daily, and the average breach lasts almost eight months. Bitglass prevents breaches and uncovers those that previously occurred so that you can limit the damage.