Skip to Content
back to all Customer Stories

FoodChain ID Reduces Security Incident Resolution Time by 81%

Food safety innovator FoodChain ID improves security operations efficiency and avoids alert noise, reducing false-positive alerts by 84%.

84 %

Reduction in False-Positive Alerts

81 %

Reduction in Security Incident
Resolution Time

15 %

Increase in Expanded


Securing a Multi-Cloud Organization

FoodChain ID is one of the world’s leading food safety, testing, and sustainability organizations. Its offerings provide the data, technologies, and tools necessary to meet the growing demand for higher transparency, accountability, safety, and sustainability across the supply chain. FoodChain ID’s focus areas include food safety, organic and non-GMO verification and testing, and regulatory compliance.

decor decor

Streamlining Security Operations
and Accelerating Threat Response

FoodChain ID has grown organically as well as through targeted acquisitions. With over 500 employees in offices around the globe and applications handling sensitive information located both on-premises and in the cloud, the FoodChain ID security team needs to stay alert to cyber risk. 

Improving and Modernizing their Security Program

Integrating and Managing Cyber Risk for Acquired Business Units

Obtaining Security Visibility Across an Expanding Attack Surface


Streamlined Security Operations and Response Times

Erik Battle, FoodChain ID’s CIO, described the company’s security operations goals. “We have a multi-faceted business, and our IT environment is distributed across multiple clouds and geographies,” he said. “We need to continually improve visibility across the environment while managing the risk of potential cyber threats, particularly around phishing and ransomware.” 

Consolidated Visibility Allows Efficient Integration Across Business Acquisitions 

While the core FoodChain ID business grows, the company has regularly acquired companies to expand its technology base or add customers. The FoodChain ID security team is responsible for managing risk and integrating an acquired firm after a deal closes.  

Efficiently and effectively integrating a new business with a different security technology stack can pose challenges to any security team. According to Battle, “We want to get a single security view across our environment, and the GreyMatter platform helps to achieve that with its technology-agnostic approach. With acquisitions, we have to integrate IT security stacks with combinations of different endpoint protection, different firewalls, and multiple clouds. We need to quickly ingest new business units to maintain applications and our previous approach could not tie things together. GreyMatter helps us to quickly gain security visibility to new units and infrastructure, and then facilitate swapping out security technologies over time to standardize and gain efficiencies.”  

84% Reduction in False-Positive Alerts Enables Proactive Security Initiatives   

Before engaging with ReliaQuest, the FoodChain ID security team had to sift through alert noise, a task that distracted from delivering on more impactful security projects. As Battle described, “Working through false-positive alerts was a drain on the team. You can’t spend time on projects adding more business value when much of your time is spent triaging false-positive alerts.” 

ReliaQuest GreyMatter, a cloud-native security operations platform built on an Open XDR architecture, has enabled the FoodChain ID security team to reduce false positives by 84%. Rather than spending a disproportionate amount of time on manual tasks and basic investigation of every security alarm, they can now focus on initiatives such as improving identity management, consolidating security tools, and supporting the business as the organization changes and grows.   

Streamlining Security Operations Results in 81% Improved Response Times  

External threat actors regularly attempt to compromise sensitive data, and Battle knows that the ability to quickly respond to threats is critical for his team. The FoodChain ID team has worked with ReliaQuest and the GreyMatter platform to drive down resolution times so they can stop threats earlier in the kill chain. Contextual threat intelligence, and expert threat and alert investigation performed by ReliaQuest experts, has helped the team continually drive down the mean time to resolve (MTTR) security incidents. In the latest quarter, the FoodChain ID team reduced resolution time by 81%, so MTTR is just over a day—despite an overall increase in alert volume.  

The FoodChain ID team can investigate threats and quickly take action leveraging the automations and playbooks inside GreyMatter. As Battle described, “We use a variety of tools in our security program, including QRadar and CrowdStrike. With GreyMatter, investigations auto-populate relevant artifacts from across the environment so we avoid pivoting between security tools, and we can use playbooks to launch remediation actions in response to threats. The end result is that we can identify and respond to threats more quickly.” 

Gaining Visibility and Insight to Better Manage Risk Leads to 15% Expansion in MITRE ATT&CK Coverage 

Utilizing security metrics from GreyMatter has enabled Battle and the FoodChain ID security team to consistently communicate security goals, status, and the security operations roadmap with the company’s executive team and employees. The GreyMatter Security Model Index provides board-level metrics and reporting that the FoodChain ID team uses to understand its current statusand how the ReliaQuest–FoodChain ID partnership is performing. The Model Index also helps FoodChain ID develop a more accurate sense of its coverage and ability to identify, detect, and respond to the threats facing its business. This has enabled the company to understand and expand its threat detection coverage mapped to the MITRE ATT&CK framework by 15%.  

In summarizing the relationship, Battle highlighted, “ReliaQuest’s approach to security provides us with strategic flexibility. As FoodChain ID grows and our security strategy evolves, ReliaQuest and GreyMatter can support that strategy no matter what security tools we may decide to deploy or the cloud infrastructure we use. ReliaQuest and GreyMatter’s flexible approach allow and enable the FoodChain ID to design our security model that fits our business, and the collaboration keeps things secure.” 

GreyMatter gives visibility into our entire environment – from endpoints to mulitple cloud environments and critical services. Understanding gap areas focuses us on those areas needing additional buildout of detection mechanisms, areas where we feel sufficiently enabled to respond, and where we could automate or build efficiency. The comprehensive process and flexibility delivered by ReliaQuest has been essential to our ongoing improvement. Erik Battle Chief Information Officer, FoodChain ID
Image Description