Case Studies

Challenge:

The new CISO of an automotive manufacturer wanted a fresh take on the efficacy of the organization’s security controls, including evaluation of defenses against the latest attacker tactics, techniques, and procedures (TTPs) and identification of unknown attack surfaces.

Solution:

Converge Cybersecurity was a trusted partner because of an existing relationship involving incident response readiness, and the client selected our Advanced Testing services. We performed reconnaissance to determine the topology of the client’s network and live hosts. Nearly 700 live hosts connected to external IP addresses were found among the 45,000 addresses in the scope of the engagement.

Host enumeration, vulnerability scanning, port scanning, service identification, OS fingerprinting, and DNS enumeration were used, and firewall and VPN penetration testing was performed.

Converge coupled the discovery of a cloud service provider API exposed in an open-source code repository with a misconfigured extranet VPN to breach the client’s external network infrastructure.

A forced authentication attack and password cracking captured credentials for a connected backup service, allowing our testers to pivot to other machines as local admin and access internal networks.

Results:

The client received an easy-to-read report with an executive summary and prioritized, risk-ranked descriptions of uncovered vulnerabilities. Details for exploiting the vulnerabilities and steps for remediation were detailed. The client was able to leverage this information to provide key stakeholders with an objective, accurate picture.

Challenge:

A large manufacturer grappling with growing network traffic and fragmented point solution data needed a proactive cybersecurity approach to meet compliance requirements and keep up with evolving threats. To do this, they needed to increase visibility across their infrastructure, free up in-house analysts for critical tasks, and improve SOC capabilities.

Solution:

The client chose Converge Cybersecurity as their managed security services provider (MSSP). Converge augmented their SOC services, fine-tuned alert rules, performed dashboard checks to identify patterns, and extended the organization’s threat-hunting capabilities by providing actionable intelligence for informed decisions.

We evaluated the tactics, techniques, and procedures (TTP) used against the client to develop recommendations for improving the detection of malware infections and attempted data exfiltration, and facilitated incident response and remediation.

After identifying log management issues impacting visibility, Converge’s Managed Security team leveraged the MITRE ATT&CK framework to identify gaps to better position the client to build analytics and detect adversarial behaviors. Compliance reporting procedures were updated to align with emerging regulations, new applications, and changes in infrastructure.

Results:

Data from the client’s controls was operationalized to accelerate threat detection and response without straining their security team. By augmenting people and processes, Converge helped strengthen platform management, compliance reporting, and incident-escalation playbooks. Recommendations for expanding visibility and leveraging automation put the client on the path to reducing operational hardship and maturing their security posture.

Challenge:

An automotive industry manufacturer embarking on a multiyear journey to migrate on-premises data centers to the cloud found the advice about needed security initiatives and solutions from multiple vendors confusing and conflicting. The client sought a trusted security advisor to help secure their cloud migration.

Converge Cybersecurity was engaged early to provide consultation and advice for cloud resiliency and security.

Solution:

Converge Cybersecurity participated in the four-month architectural design process with the cloud service provider and a third-party provisioning team to ensure security was built into the new cloud environment. Converge conducted consulting conversations around cloud security frameworks, reviewed documentation and diagrams for accuracy, and offered recommendations and guidance for cloud infrastructure. When cloud access hardware was added to the project, our Advanced Testing team performed penetration testing on the device to ensure security. After the cloud environment was built, Converge conducted a cloud security assessment. Account administration, access, and tools, as well as user permissions, configuration, and vulnerabilities, were evaluated. The client received a detailed report of the findings and recommended remediation.

Results:

The client is confident that the build of their cloud-hosted data centers includes a secure mindset. The client was delighted with Converge’s actions on their behalf in working with multiple vendors, and plans are underway for Converge to support the client’s onboarding of cloud services into their SIEM environment.

Challenge:

A large petroleum company needed to transition its Active Directory (AD) provisioning from a long-term internal team to a new provider in a short time frame. A partner that could seamlessly step into the internal role to maintain a strong security focus and minimize the impact on customer service was needed. Strong capabilities in managing AD provisioning across multiple domains—including legacy and modernized—were essential.

The client’s provisioning processes also needed updating to adapt to new technologies and to scale easily as provisioning demands changed. Using a cost-conscious funding approach helped the client ensure maximum value and return on their investment when selecting a partner for this project.

Solution:

The client engaged Converge Cybersecurity to leverage our skilled AD professionals for an initial 12-month residency. Our analysts worked alongside the client’s in-house lead analyst, sliding easily into the client’s day-to-day AD provisioning role and introducing process improvements and innovations to improve the management of the dynamic AD provisioning environment. The client was also able to advance special projects and fulfill urgent requirements by applying our team’s expertise and critical thinking skills.

Results:

Converge helped the client achieve their goals for a smooth transition and process improvement. Because of their high level of satisfaction, the client extended the engagement to apply Converge’s expertise to other identity and access management efforts.

Challenge:

• A medical device company was looking for a strategic partner with expertise in DevSecOps.
• Client needed strong compliance on an application they were developing in AWS.
• Compliance requirements created labor intensive manual reporting, taking up valuable time and resources from their team.
• Lacked the ability to automate security and compliance in their AWS environment.

Solution:

• CloudGuard Dome9 provides Cloud Security Posture Management (CSPM) for public cloud providers (GCP, Azure, AWS, and Kubernetes). It allows organizations to automate governance across multi-cloud assets and services, including visualization and assessment of security posture, misconfiguration detection, and enforcement of security best practices & compliance frameworks.
• For the client’s purposes, CloudGuard provides CSPM for AWS.

Results:

• Through a POC, Converge demonstrated our ability to save them hours (if not weeks) through automating our compliance reports instead of doing them manually.
• The ability to automate over 30 accounts to start was more cost-effective than the number of FTE required to do the same continuous reporting.

Challenge:

• An infrastructure construction and support services provider encountered a ransomware attack that compromised their Active Directory environment, resulting in their user database being stolen.
• The Active Directory server was using a trojan to infiltrate and encrypt their machines. In response, they needed help with remediation and mitigation of the problem.

Solution:

• As a trusted partner with a 10+ year relationship with the client, Converge was asked to assist with this incident based on the Managed Services we provide, as well as our knowledge of their existing environment.
• To make sure the bad actor was under control, the Cisco Talos Incident Response team was called into action immediately. Their job was to perform triage, investigate, contain, and remediate the problem.
• Concurrently, Converge worked to coordinate with the client’s engineering team to rebuild their entire environment and restore all of their servers/databases.

Results:

• After two weeks of our teams working day and night (300+ hours), the customer was fully restored and performing business as usual.
• Client was so impressed with our team’s readiness and quick response that they entrusted us with designing a more robust network and environment to better handle a similar situation, should it happen in the future.

Challenge:

• This institutional brokerage firm wanted to offer valuable business intelligence activity for enhanced customer service and product cross-selling purposes.
• The customer has licensing limitations with their existing Cognos footprint but wanted to distribute more information company-wide, as well as provide self-service report creation and distribution for all employees.

Solution:

• The Converge BI team demonstrated how their experience and skills can create cutting-edge user interfaces with dashboards and graphs that will move the client into the modern era of analytics.
• Converge created a bundled offering of IBM software with Converge Professional Services. This solution consists of converting existing Cognos named user licenses to a server license (PVU’s) to enable widespread report distribution and use of the software.
• The client was also able to leverage Converge Professional Services to ensure success by creating an improved user interface for enterprise-wide use and integration to Salesforce.

Results:

• The client team now has the proper IBM license for unlimited creation and distribution of picture-perfect reports.
• Converge Professional Services ensures the client can provide everything the business needs from a business intelligence and analytics perspective.

Challenge:

• Today, there are more devices issued to employees than there have ever been. While increasing flexibility for workers, it also increases the need for technical support. This poses an issue, especially for the client, which has limited employees staffing the helpdesk.
• With more and more employees working remotely, there is not enough staff to troubleshoot technical issues. This client was looking for ways to reduce the workload while not necessarily having to take on additional staff.

Solution:

• This client has a longstanding relationship with Converge in the realm of devices. Aware of the challenges, Converge’s resources collaborated to provide solution options using emerging tech and trends, specifically, AI.
• The final decision from the client was to automate. By building out a helpdesk chatbot to automate the ticketing system, staff will save a significant amount of time that can be redirected to helping solve tech issues for remote workers.

Results:

• Converge organized a workshop to work hands-on with the client. The goal was provide enough training so that government employees using AI solutions have the design, function, and implementation skills needed to improve AI-based public services.

Challenge:

• A global fintech leader was starting a year-long endeavor to modernize and enhance their banks’ cores and shift them to an internal cloud platform. This application modernization initiative began when the company realized that banks needed the agility to react quickly to rapid changing technology, new competitors, and rising client expectations.

Solution:

• The company selected Converge over two other international consulting firms to provide Scrum teams aiming to tackle various banking core modernization projects and a shift from SOAP to REST utilizing Agile methodologies.
• The teams included a Converge Development Manager, with 17 other consultants sourced through Talent Solutions, including an Agile Coach, Product Champion, Development Lead, Developers, Business Analysts, and QA. These teams were accountable for deliverables within two-week sprints over the course of 14 months.

Results:

• As a result of the application modernization projects and cloud migrations, the company has experienced cost savings by enhancing and modernizing bank APIs and alleviating technical debt.
• To date, this project has led to the development of a precision application modernization practice of 18 people, with an expansion from the company’s Account Services team into the Digital Transformation group, along with several permanent placements.

Challenge:

• As they’d been rapidly growing through acquisitions, an industrial manufacturer needed to add employees to their IT team. Because the client lacked an in-house recruiting team and their hiring managers had limited bandwidth, they needed help finding the right people.

Solution:

• After the Converge Talent recruiting team finds candidates, our engineers screen and rate each person for the technical skills needed by the client. By utilizing our in-house technical engineers, we provide a value-add that traditional staffing firms do not. This saves the time it usually takes to validate the technical aptitude of candidates.
• The client’s managers know that the candidates we provide are not just a name on a resume; they are technically qualified for the specific jobs for which they are being recruited.

Results:

• More than 40 people have been placed as contractors or permanent employees at this client over the past four years.
• We earned the right to be the exclusive recruiting team for their most senior positions.
• The client’s leadership noted Converge understands their business comprehensively.

Challenge:

• A US state’s internal IT support services needed to find a single disaster recovery provider with technology infrastructure and technical expertise to deliver a program that would enable the recovery of multiple hardware platforms.
• Internal expertise in these technologies was limited due to both the age of the equipment and limited staff availability.
• System platforms included multiple IBM mainframes utilizing Virtual Tape Systems with a complex SAN environment to support tape-based recovery. The mainframes needed to be recovered in a synchronized manner that would make them available to communicate to a robust virtualized Intel environment. These platforms also needed to be connected back to ITS using a mix of supported communications systems and legacy firewall & switching technologies.

Solution:

• Due to the complexity of the client’s recovery requirements, Converge conducted a combination of both onsite meetings and standard weekly pre-test calls, which began weeks out from the customer’s DR tests.
• Based on the onsite meetings, we were able to identify additional critical computing resources that were missing in their original RFP, providing a pathway to add these missing resources to our DR services schedule.

Results:

• The initial DR test with Converge was a complete success; the client noted that they had not been successful in completing a DR test with any of their previous DR providers.
• The customer felt confident that if they experienced a true disaster, Converge would be able to fully recover their systems environment.

Challenge:

A leading wholesale beverage alcohol distributor had Smartnet and Webex renewals fast approaching. They had recently acquired another company and needed a better way to integrate them into their network. Their current Smartnet environment had become too cumbersome and expensive. They were facing the following challenges:

• Needed a way to start migrating users to their Cisco Voice Network and the corresponding UC applications like Webex.
• Current SNT model had limited growth capabilities and flexibility for a constantly changing environment.
• Increased pricing changes and overall contract had become too expensive.
• Struggling justification to their CFO for this massive spending increase on Licensing and Maintenance.
• Unpredictable and complicated licensing processes.

Solution:

• After actively consulting with the client’s IT leadership team for several months, Converge leveraged a Cisco EA and SNT Agreement to simplify their licensing and equipment maintenance renewals.
• Converge provided a cost-conscious proposal, streamlining their Smartnet support levels and removing items they weren’t utilizing fully or effectively.

Results:

The client now has a new three-year agreement that supports their users and covers their infrastructure while allowing for growth as they integrate their new acquisition. This agreement also helps them:

• Simplify the way they manage Cisco licensing and the integration of new users.
• Reduce overall cost with proper Service Levels that support the requirements of the business.
• Preserve cash with Cisco Capital financing options.

Challenge:

• Having experienced tremendous growth over recent years due to the new demands of unstructured data (videos, images, etc.) repositories, one of the largest counties in a southern state was faced with managing the lifecycle of IT technology that was put in place years ago. A heavy burden was being placed on their existing systems due to complexity, cost, and security risks.
• Legacy backup systems were running critically low on capacity and their backup window kept increasing due to large requests from the multiple agencies to which they provide managed services.
• The organization had multiple disparate systems (Veeam, Veritas, and EMC Data Domain) to manage, and was looking for a single Data Protection Solution to consolidate their virtualized and AIX/Oracle environments.

Solution:

• Converge presented a Rubrik solution that utilizes a hyper-converged system to address Data Protection and Security needs with a native immunity to ransomware. This is the most simplistic yet effective automated backup and recovery solution.
• Rubrik also expanded into their Disaster Recovery program and continues to be a major player in the client’s Private Cloud journey.

Results:

• Converge and Rubrik provided significant ROI/TCO with a significant cost savings over a six-year period.
• By utilizing a strong partnership with Rubrik, we were able to achieve positive results with the initial Proof of Concept. We then sized, scoped, and delivered a Total Enterprise Backup and Recovery Solution.

Challenge:

• Facing expensive hardware refreshes in their colocation environment, a citrus growers’ cooperative needed to migrate their legacy financial application to the cloud.
• Based on their strong trusted relationship with Converge for services including colocation, connectivity, and disaster recovery, the client asked if we could offer VMware on AWS.

Solution:

• Converge resources partnered to set up and present a POC for the client in less than one week.
• Working closely with VMware, we offered a VMC on AWS cloud service using familiar VMware tools. We provided joint TCO presentations detailing fast acceleration to the cloud, full operational consistency with on-prem SDDC, seamless large-scale workload portability & hybrid operations, global AWS availability, and direct access to native AWS services delivered, operated, and supported by VMware.
• VMC SDDC and I3 hosts were installed through Converge MSP, as well as AWS Direct Connect and S3.

Results:

• The Converge VMC on AWS Managed Service Provider offering enables the client to utilize Converge’s service desk, cloud services, and consolidated billing.
• The client is enabled to utilize third-party vendors including VMware, AWS, IBM Power, Cisco, Palo Alto, NetApp, Veeam, and Zerto.
• This project provides significant savings for the client compared to their previous on-premise costs.

Challenge:

• A genomics and biotechnology company lost several key members of their Site Reliability Engineering (SRE) team due to a workforce reduction.
• With a shift in focus to prioritize different offerings due to a decline in sales in another business unit, the company needed to find operational cost savings.

Solution:

• With AWS as a key part of the company’s operational strategy and spend, it was natural that AWS would be one of the key areas to focus on to drive savings.
• Given that Converge manages the client’s significant AWS contract, our team quickly aligned with them to look for ways to support the SRE team. The immediate focus was on finding ways to increase efficiency of engineers’ use of AWS without hindering their productivity with new processes.
• Weekly review meetings were immediately established between the client, AWS, and Converge teams. During the review, it became apparent that better utilization of spot instances could drive immediate savings, however, driving a consistent spot-first strategy across all engineering teams would be a challenge.
• Like many companies with a “build-your-own” mindset, the client needed the value proposition of any paid solution to be immediately apparent in order to invest. The Converge team felt confident in introducing Spot.io.

Results:

• The company decided to implement Spot.io after demonstrations with the executive, SRE, and engineering teams to identify how to drive operational savings.
• The ease of enabling Spot.io via an AWS Marketplace private offer from Converge (and Spot.io pricing model being a percentage of their savings versus a traditional upfront pricing model) led to a significantly short sales cycle.

Challenge:

In order to create unique and cutting-edge predictive solutions for their clients, this world-class AI/Analytic data science firm’s data scientists needed a:

• Robust Data Lake for terabytes of diverse and complex datasets.
• Data pipeline application to transform operationally raw (dirty) customer data, public data, and third-party data into standardized data sets.

Solution:

• Using AWS Airflow (Apache) as the Data Pipeline (ETL) orchestration engine, Converge engineers developed the modular applications in Python to ingest, cleanse, parse, enrich, and transform raw data and store into AWS S3. The transformed data sets, in the Observational Medical Outcomes Partnership (OMOP) Common Data Model (CDM), a healthcare OHDSI standard, would become a commercially offered product by this client.
• Our engineers processing these large datasets, each 300GB-500GB in size, used sophisticated performance-optimizing vectorized Python with PANDA and other advanced data analytic libraries for the heavy data science processing.
• The first Cloud-based Data Platform (CDP) leverages DataBricks (SPARK on AWS) to support transformed data on demand for ad-hoc analysis, hypothesis testing, exploratory data analysis (EDA), derivative data set generation, and Machine-Learning (ML) models with fluid multi-cloud interoperability for the Data Lake between AWS data warehouse and GCP BigQuery, all integrated with Tableau visualization and Immuta as the data-governance core.

Results:

• This technology-capable AI/Analytic data science firm found the right partner in Converge to complement their strengths at their level as equals. Our skilled and experienced consulting team met the stringent requirements of a hedge-fund funded AI start-up in a fast pace emergent high-value data science marketplace.