at a glance

CHALLENGE
Reduce impact of attacks by strengthening endpoint security for 16,000 employees

SOLUTION
Palo Alto Networks Traps to preemptively block both known and unknown threats

RESULTS

  • Reduced attack surface by strengthening endpoints
  • Delivered data to enable analysis of new threats
  • Provided visibility of threat landscape
  • Secured PCs for appr.16,000 employees

 


VakıfBank is one of the biggest banks in Turkey. It has 924 branches, 3,917 ATMs and approximately 16,000 employees, and plays an important part in financing the country’s domestic and commercial trade. In addition, it has operations in New York, Bahrain, Germany and Austria.

"Cyber attacks on the financial sector are increasing year on year," says Evrim Eroğlu, Head of Security Infrastructure Operations, VakıfBank. "No environment is 100 percent secure, but we can reduce the surface of attack. Our intention is to focus on the weakest point in the chain: our endpoints." Endpoints matter, he says, because, with employees becoming more mobile in their work culture, laptops are used off the network: "Mobility is an important issue. Protecting our own network wouldn't be enough to keep us secure."

Eroğlu's contention is that traditional signature-based security is not enough to protect against the variety of attacks faced by a modern bank: "They are incapable of detecting or protecting against zero day attacks."

The bank created a proof of concept to review options from leading security solutions providers, testing against 100 known malware variants. "We tested several products," says Eroglu. "McAfee, Comodo, FireEye, Carbon Black, Trend Micro, Check Point … none of them were able to detect and stop this kind of attack. Traditional antivirus security was not the solution. We were using McAfee Endpoint Security, and it wasn’t able to detect every threat (zero-day attacks). Only Traps from Palo Alto Networks worked."

Traps will replaces AV with multi-method prevention: a proprietary combination of malware and exploit prevention methods that pre-emptively block both known and unknown threats.

The PoC was carried out through the summer of 2016. The roll-out of Traps to more than 16,000 VakıfBank PCs started in the October.

"We've had to be careful with the roll-out, testing at every stage," says Eroğlu. "We wanted to be sure there was no impact on any of our critical business applications. We had issues with other solutions during the PoC, slowing the performance of PCs. That hasn't happened with Traps.

"It was important we had a cautious, planned and smooth roll-out of Traps. We started with 50 PCs, then 100, then 1,000 and another 1,000, then 5,000. At every stage, where there were concerns, Palo Alto Networks addressed them."

Analysing the threat landscape

Traps, says Eroğlu, protects and detects, and provides the information his team needs to follow up and analyse new threats. "We've seen the benefits from day one, even before the roll-out was fully completed. We're certainly more secure as a result of Traps, but we remain vigilant.

"The threats keep coming. What's invaluable about the Palo Alto Networks offering is that we now have more data on which to forensically examine threats, and their potential impact."

The introduction of Traps will enable VakıfBank to make cost savings as it allows its anti-virus licences to expire over the next two years. However, Eroğlu says extra investigative work means it is unlikely that operational costs of security come down. The smooth implementation of Traps, and it's immediate effectiveness, have encouraged a greater appetite for tackling security. The bank is planning a new Security Operations Center.

“We don’t just want to react to threats as they arrive; we want to see them coming. We have to work harder than ever. Traps means we see new malware and we have greater visibility. Now, the challenge for us is to switch from being reactive to proactive,” concludes Eroğlu.


 

Traps Advanced Endpoint Protection AV-Comparatives Award

AV-Comparatives, the independent organization that tests and assesses antivirus (AV) software, announced the completion of its 2017 “Comparison of Next-Generation Security Products” and presented Traps advanced endpoint protection with its “Approved” award. The firm conducted a series of malware protection and exploit prevention tests on Traps during September and October 2017. Download the report to view the results of this test.
  • 2
  • 11801

Traps: Advanced Endpoint Protection

Palo Alto Networks Advanced Endpoint Protection represents a complete paradigm shift from identification to pure prevention. Providing comprehensive exploit and malware prevention that is not designed to identify; instead, it prevents an attack before the malware can be successful.
Santa Clara, CA
  • 29
  • 62864

Traps Advanced Endpoint Protection Technology Overview

Most organizations deploy a number of security products to protect their endpoints, including one or more traditional antivirus solutions. Nevertheless, cyber breaches continue to increase in frequency, variety and sophistication. Faced with the rapidly changing threat landscape, current endpoint security solutions and antivirus can no longer prevent security breaches on the endpoint. Palo Alto Networks® Traps™ advanced endpoint protection replaces traditional antivirus with a unique combination of the most effective, purpose-built, malware and exploit prevention methods that pre-emptively block known and unknown threats from compromising a system.
Santa Clara, CA
  • 8
  • 40644

2018 NSS Labs Advanced Endpoint Protection Report

Palo Alto Networks advanced endpoint protect Traps achieved the rating of “Recommend” in the 2018 NSS Labs Advanced Endpoint Protection (AEP) Test. This test aims to determine how effectively the AEP product can protect against a threat, regardless of the infection vector or method of obfuscation. The AEP test evaluated several vendors ability to detect, prevent, continuously monitor and take action against malware, exploits, evasions and blended threats.
  • 3
  • 5091

How to Secure Your Business in a Multi-Cloud World

This paper highlights an innovative security approach that eliminates the wide range of cloud risks that can cause breaches, while enabling organizations to achieve consistent and frictionless cloud protections for multi-cloud environments.
  • 2
  • 2525

Health Check and Configuration Audit

The Palo Alto Networks Certified Professional Services Program (CPSP) enables and promotes qualified partners who have demonstrated professional services capabilities and expertise.
Palo Alto Networks,
  • 1
  • 5539