Construction of a log audit compliance platform for mobile phone chip manufacturing companies

Safety Project

Client Profile
The client is one of the world's leading mobile phone ODM companies. It provides competitive products to customers at home and abroad and is committed to becoming an outstanding global provider of smart products and services.
Customer Needs
The client's information security program is already relatively mature. Given the characteristics of its industry, the client wanted a product with flexible data analysis and customization capabilities, together with a service support provider, to build an enterprise compliance audit log platform and deliver it for personnel analysis, compliance audit, legal affairs, and HR-related needs.
Solution
  • Since 2021, as the client's long-term strategic security operations partner, we have been deeply involved in the construction of its security operations centers and in the design and implementation of its insider threat protection systems;
  • Selected Splunk Enterprise and Enterprise Security, then designed and implemented a data analysis platform architecture tailored to the client's actual usage environment, network segmentation, and site distribution;
  • Worked with the departments that own the requirements to provide guidance on security use cases for subsequent personnel audits;
  • Worked backwards from each use case to the data sources it requires, onboarded and analyzed that data, and raised related data quality issues with the client's R&D department;
  • Conducted one-on-one interviews with the departments holding the core requirements to understand their compliance audit and regulatory requirements, the risk areas they are concerned about, and their risk tolerance;
  • Based on those concerns and in combination with relevant NIST best practices, designed user behavior baseline detection rules. On top of the baseline rules, we used the Splunk SIEM RBA (risk-based alerting) function to implement aggregated risk scoring and analysis per person and per asset.
Customer Benefits

Visual analysis of personnel behavior data has delivered a closed-loop risk management system for monitoring, tracing, and blocking insider threats within the enterprise.

It expands the exogenous capabilities of security data analysis and improves the vertical elasticity of the enterprise's defense in depth.