May 30 Webinar | SOC Talk: Automating Threat Response
Reduce Alert Noise and False Positives
Boost your team's productivity by cutting down alert noise and false positives.
Automate Security Operations
Boost efficiency, reduce burnout, and better manage risk through automation.
Dark Web Monitoring
Online protection tuned to the need of your business.
Maximize Existing Security Investments
Improve efficiencies from existing investments in security tools.
Beyond MDR
Move your security operations beyond the limitations of MDR.
Secure with Microsoft 365 E5
Boost the power of Microsoft 365 E5 security.
Secure Multi-Cloud Environments
Improve cloud security and overcome complexity across multi-cloud environments.
Secure Mergers and Acquisitions
Control cyber risk for business acquisitions and dispersed business units.
Operational Technology
Solve security operations challenges affecting critical operational technology (OT) infrastructure.
Force-Multiply Your Security Operations
Whether you’re just starting your security journey, need to up your game, or you’re not happy with an existing service, we can help you to achieve your security goals.
Detection Investigation Response
Modernize Detection, Investigation, Response with a Security Operations Platform.
Threat Hunting
Locate and eliminate lurking threats with ReliaQuest GreyMatter
Threat Intelligence
Find cyber threats that have evaded your defenses.
Model Index
Security metrics to manage and improve security operations.
Breach and Attack Simulation
GreyMatter Verify is ReliaQuest’s automated breach and attack simulation capability.
Digital Risk Protection
Continuous monitoring of open, deep, and dark web sources to identify threats.
Phishing Analyzer
GreyMatter Phishing Analyzer removes the abuse mailbox management by automating the DIR process for you.
Integration Partners
The GreyMatter cloud-native Open XDR platform integrates with a fast-growing number of market-leading technologies.
Unify and Optimize Your Security Operations
ReliaQuest GreyMatter is a security operations platform built on an open XDR architecture and designed to help security teams increase visibility, reduce complexity, and manage risk across their security tools, including on-premises, clouds, networks, and endpoints.
Blog
Company Blog
Case Studies
Brands of the world trust ReliaQuest to achieve their security goals.
Data Sheets
Learn how to achieve your security outcomes faster with ReliaQuest GreyMatter.
eBooks
The latest security trends and perspectives to help inform your security operations.
Industry Guides and Reports
The latest security research and industry reports.
Podcasts
Catch up on the latest cybersecurity podcasts, and mindset moments from our very own mental performance coaches.
Solution Briefs
A deep dive on how ReliaQuest GreyMatter addresses security challenges.
White Papers
The latest white papers focused on security operations strategy, technology & insight.
Videos
Current and future SOC trends presented by our security experts.
Events & Webinars
Explore all upcoming company events, in-person and on-demand webinars
ReliaQuest ResourceCenter
From prevention techniques to emerging security trends, our comprehensive library can arm you with the tools you need to improve your security posture.
Threat Research
Get the latest threat analysis from the ReliaQuest Threat Research Team. ReliaQuest ShadowTalk Weekly podcast featuring discussions on the latest cybersecurity news and threat research.
Shadow Talk
ReliaQuest's ShadowTalk is a weekly podcast featuring discussions on the latest cybersecurity news and threat research. ShadowTalk's hosts come from threat intelligence, threat hunting, security research, and leadership backgrounds providing practical perspectives on the week's top cybersecurity stories.
May 01, 2024
About ReliaQuest
We bring our best attitude, energy and effort to everything we do, every day, to make security possible.
Leadership
Security is a team sport.
No Show Dogs Podcast
Mental Performance Coaches Derin McMains and Dr. Nicole Detling interview world-class performers across multiple industries.
Make It Possible
Make It Possible reflects our focus on bringing cybersecurity awareness to our communities and enabling the next generation of cybersecurity professionals.
Careers
Join our world-class team.
Press and Media Coverage
ReliaQuest newsroom covering the latest press release and media coverage.
Become a Channel Partner
When you partner with ReliaQuest, you help deliver world-class cybersecurity solutions.
Contact Us
How can we help you?
A Mindset Like No Other in the Industry
Many companies tout their cultures; at ReliaQuest, we share a mindset. We focus on four values every day to make security possible: being accountable, helpful, adaptable, and focused. These values drive development of our platform, relationships with our customers and partners, and further the ReliaQuest promise of security confidence across our customers and our own teams.
APi Group partners with ReliaQuest to gain a unified view of their Azure Sentinel and Microsoft E5 security suite, streamlining operations to better secure their global organization.
Increase in Visibility
Decrease in response times
Increase in MITRE ATT&CK covarage
In 1926, a company formed with an impactful mission to build great leaders. What started as an insulation contracting and distribution business, would later be known as the APi Group, a multibillion-dollar organization that operates today as a holding company for independently managed safety and special services related businesses. In keeping with their merger and acquisition strategy, early on in 2022, APi Group completed its largest acquisition to date with the Chubb fire and safety services organization – effectively making it one of the world’s largest life safety services providers.
As the company continues to grow and acquire new entities, APi Group differentiates itself by delivering top-tier, customer-driven service, using mutual resources and experiences to build a safer environment. As such, their focus on building a more secure environment directly depends on the success of various departments across the business. Their security operations team is one of the most essential of these components, to ensure critical business processes do not experience any disruptions.
APi’s growth strategy includes acquiring companies with varying business models and with different IT security technology stacks. Acquisitions have varied technology stacks that could prove complicated to manage and maintain. APi Group arrived at a strategy for new acquisitions that allows business units to maintain existing technology stacks with a plan for some rationalization. In particular, they leverage Microsoft’s 365 E5 license to meet the diverse IT needs of both existing and acquired companies while driving consistency across the organization. This strategy reduces complexity for their customers and business entities. But as they sought to meet the needs of the business, APi realized they needed a way to increase both visibility and risk management across the ecosystem to better secure a constantly expanding attack surface as new companies are added to their portfolio.
To tackle these security challenges, the security operations team at APi Group is using security tools from their Microsoft 365 E5 license in conjunction with ReliaQuest GreyMatter, to deliver the contextual intelligence, visibility, and real-time insights the team needs to better manage risk across multiple companies.
ReliaQuest GreyMatter security operations platform is built on an XDR architecture and brings together telemetry from tools and applications across cloud, on-premises, and hybrid cloud architectures. The platform delivers visibility and manages risk across APi’s heterogeneous security technology stack.
Acquisitions have varied technology stacks that could prove complicated to manage and maintain
APi realized they needed a way to increase both visibility and risk management across the ecosystem
To tackle these security challenges, the security operations team at APi Group is using security tools from their Microsoft 365
One of APi Group’s main objectives is to mature and modernize their security operations program as the organization rapidly evolves, which includes optimizing their Microsoft 365 E5 tools to increase efficiency, visibility, and value. To do this, APi relies on the powerful combination of the Microsoft 365 suite and the unified view ReliaQuest GreyMatter provides.
Carl Lee, Information Security Lead at APi Group shares, “The ability of GreyMatter to detect and take automated response actions utilizing that integration with Microsoft Defender and Azure Sentinel is a key component of our security strategy.”
As a Microsoft 365 E5 and ReliaQuest customer, APi Group has achieved a 47% increase in visibility across their Microsoft 365, Cisco, and Palo Alto security stack. In addition, utilizing GreyMatter has enabled them to perform automated response actions across multiple tools from one console – reducing the complexity of their day-to-day operations. In fact, they have seen a 52% decrease in response times since becoming a customer thanks to automated playbooks. With automation and improved visibility, the team can now execute faster threat detection, investigation, and response, across a diverse set of organizations under the APi umbrella.
An essential element of APi Group’s security strategy is to understand their cybersecurity hygiene and gaps in coverage. But they also need to augment the team and avoid burnout at the same time – which is not an easy goal to achieve. To add to the challenge, their Microsoft environment is complicated – they use Azure Sentinel, Defender, Office 365, and a multitude of other tools.
Adding ReliaQuest to their security tool stack has helped APi Group solve these challenges head on. As Lee states, “The integration between ReliaQuest GreyMatter and our security tools has become a force multiplier for the team. ReliaQuest uses a risk-based approach and the MITRE framework, driving our implementation of detections and automations, which provides the most value for our overall security.”
The integration of tools and increased visibility has reduced complexity across APi’s security program – since becoming a ReliaQuest customer they have increased MITRE ATT&CK coverage by 275%, a game changer for the team. Now, they can more accurately decide where to invest in resources that will better secure their organization.
While APi Group faces the challenge of a continuously expanding attack surface, they know implementing a program providing high-fidelity threat detections for Microsoft environments will help them manage risk. Lee explains, “The Microsoft stack is great, but one of the challenging things is that people cannot easily pick up the query language. So, when it comes to making accurate detections, you really need solid detection content – and that’s where ReliaQuest comes into play for us.”
Lee’s team is working collaboratively with ReliaQuest to tune detection logic and produce solutions for their Microsoft toolset that result in faster, higher fidelity detections. He shares, “One time we had Malware hit an endpoint. My team thought it was contained, then we get a call from the analyst at ReliaQuest who was seeing strange activity. He ended up executing an isolate play for us. They do analysis, give us context, and recommendations on what to do. The second set of eyes, the quick automated plays, and higher fidelity detections have been crucial for us to have.”
The ability of GreyMatter to detect and take automated response actions utilizing that integration with Microsoft Defender and Azure Sentinel is a key component of our security strategy. Carl Lee Information Security Lead, APi Group
The ability of GreyMatter to detect and take automated response actions utilizing that integration with Microsoft Defender and Azure Sentinel is a key component of our security strategy.
Increase visibility, reduce complexity, and manage risk across your existing tools with comprehensive protection unified under a single security operations platform.