Imagination Technologies Group
Processor solutions for graphics, vision, and AI processing
Kings Langley, UK
US$125 million revenues (2020); 1,200+ staff worldwide
Palo Alto Networks Cortex XSIAM
Imagination Technologies Group have more than 25 years of experience in designing and licensing intellectual property (IP) processor solutions. Headquartered in the UK, the organisation’s computing, graphics, and artificial intelligence (AI) IP deliver security, performance, and low power consumption in the smallest area of silicon possible, enabling chip makers to create new, innovative digital products.
Several years ago, Imagination launched a bold and imaginative “Cyber Transformation Programme” to create a no-compromise security posture. A connected portfolio of Palo Alto Networks network, endpoint, and security operations technologies now protects Imagination’s IP and people from known and unknown cyberthreats – quickly and automatically.
However, some common challenges persisted in the SOC. Business growth and an expanding attack surface generated more security data from more siloed sources. There was significant reliance on reactive manual interventions by the lean security operations (SecOps) team, which in turn led to longer investigation times and reduced efficiency.
“One of the drawbacks to business growth is information overload,” says Paul. “Threat actors are highly sophisticated, but we only have the same number of hours each day to tackle those threats. Previously, when we saw suspicious activity, we had to decide where to start the investigation. That required input from the front desk team, application team, server team, and network team. With so many people involved, investigations were slow, complex, and burdened with risk.”
According to Paul, the company’s existing SIEM was a main cause of the problem. “We were collecting vast amounts of data from the network, endpoints, and cloud – but the SIEM was not designed to examine data on that scale or variety. We were only looking at a single data type or a certain type of log. We were never connecting the data or deriving real intelligence from it.”
Working with Palo Alto Networks, Paul and his SecOps team identified that they would require a modern security intelligence and automation management platform to:
Imagination have implemented Palo Alto Networks Cortex Extended Security Intelligence and Automation Management (XSIAM) in their SOC to deliver automated, end-to-end threat management wherever threats originate. This autonomous security operations platform turns widespread infrastructure telemetry, threat intelligence, and external attack surface data into an intelligent data foundation fuelling effective automated detection and threat response.
This cutting-edge system supports Imagination across three vectors:
Unlike traditional SIEM, new data is automatically integrated into XSIAM for richer analytics.
Cortex XSIAM is automating and scaling Imagination’s SecOps to protect against advanced threats. The benefits XSIAM delivers include: