Midwest Bank Increases Protection to Gain Greater Visibility and Control

A locally owned, midwestern bank provides both personal and business banking services through its 7 locations. In operation since 1885, the bank has a vested interest in keeping both its organization and its members safe from the increasing volume of cyber threats. While faced with the same cybersecurity issues and regulatory compliance issues as larger financial institutions, the bank must protect its network and members while ensuring auditing and compliance with fewer resources— specifically, a 3-person IT team.

Upon learning about Bandura, the bank CEO suggested the IT team deploy the ThreatBlockr platform in front of the existing firewall, as part of an additional layer of protection for their defense-in-depth security strategy. With Bandura, he felt that he would be able to leverage Bandura’s 30M+ out-of-box threat indicators to prevent known bad actors from targeting them by stopping them before they hit the bank’s firewall.

The Value of the ThreatBlockr Platform

With banks 300X more likely to be hit by a cyber attack, the CEO knew it was critical to address security head on. Operating as a regional, medium sized bank, they also did not have the luxury of large cybersecurity budgets, staff, and resources at their disposal. They needed a solution that was smart, easy, scalable, and everywhere. As such, they deployed the Bandura ThreatBlockr platform and saw a substantial drop in the malicious traffic it sees on its network.

“After finding that something has been blocked, it’s easy to identify why it has been blocked (by the Bandura ThreatBlockr platform). I like the fact that I can look through the reporting features and determine if I need to ease up on some of my rules. It's then a very simple configuration change. Or, if it's something that is getting through my firewall that shouldn’t, I can simply strengthen the rule.”

Simplified Compliance Auditing

As the bank is heavily regulated, they are regularly audited. After deploying the Bandura ThreatBlockr platform, the bank has seen higher scoring due to the information sharing and use of their FS-ISAC feeds. By integrating the FS-ISAC feeds into the Bandura Cyber platform, the bank is able to protect itself and its customers from the massive amounts of industry specific threats.

“They review our logs, and test the network. This most recent test, just earlier this month, they were extremely impressed with the way our penetration test went, with the Bandura ThreatBlockr at the perimeter.”

Greater Visibility and Control

In financial services, understanding ones security posture and maintaining security stack integration is critical. The bank undergoes regular PEN testing as part of its ongoing security validation practice. During the most recent annual PEN test, the third-party testing company complimented the bank on their security deployment.

“Typically, during the PEN test, we have to whitelist them (the third-party tester) in our Bandura ThreatBlockr in order for them to perform their testing. However, we ask them to try their tests without being whitelisted, and they never get anywhere. They think they’ve done damage because we just disappear. I explain to them that our system blocked them, and stopped replying. It’s by design...not a defect.”

Greater TCO and ROI through Simplified Deployment and Management

The Bandura ThreatBlockr platform reduces the number of alerts to investigate and automates the management of threat intel feeds. The threat intelligence data in the platform is automatically updated eliminating the need to manually manage threat feeds. This allows the bank to expand security capabilities without increasing management overhead and complexity.

“My coworker was tasked with taking the threat reports, and manually entering in, line by line, the malicious IP addresses and domains. Sometimes it took days to complete. If it was a big report, it might take a month. Now he’s able to just import them into the system. It’s no longer a big deal.”

Since deploying the Bandura ThreatBlockr, the bank’s IT team has seen greater efficiency in how they feed logs into their other security products. Additionally, it has been delighted in the response times and personal interactions they’ve received from Bandura.

“Not long after we purchased our Bandura ThreatBlockr, I spoke to several vendors. They offered a few examples of features that weren’t available on the Bandura ThreatBlockr. I sent in a feature enhancement request, and it was only a few months later that those features were added. I mean, that’s just superb.”

After deploying three Bandura ThreatBlockr’s into their network, the bank has seen:

  • Increased protection from threats
  • Less malicious traffic passing through firewalls
  • Simplified ingestion of third-party FS- ISAC feeds
  • A reduction in the time spent managing security devices

About Bandura

Bandura uses best-in-class threat intelligence to secure your networks, data and users in real-time - wherever they are - on-prem, cloud, remote, or all of the above. Our platform blocks attacks from up to 150M malicious IPs and domains in real-time with no latency. We provide out of the box threat intelligence and integrate data from any source. At Bandura, we believe nothing scales like simplicity. We make blocking threats smart and simple - at scale - everywhere. For more information visit: banduracyber.com

Download Case Study