Case Study

Mainfreight gains centralized visibility, speed to detect and respond across 300 branches globally

RESULTS

1,300+

proprietary BIoCs to amplify the detection and remediation of potential threats

In brief

Customer

Mainfreight

Products and services

Transport, air and ocean freight, warehousing

Industry

Logistics

Organization Size

12,000

Country

New Zealand

Partner

LinearStack


Challenges

Mainfreight had distributed endpoint security solutions with no central view for incident response.

Requirements

    • Enhanced security operations
    • Centralized visibility
    • Incident response and threat hunting
    • Strong behavioral-based detection

Solution

Palo Alto Networks Next-Generation Firewalls (NGFWs), Cortex XDR, Panorama, Digital Forensics.

Introduction

Mainfreight is a global provider of logistics and supply chain solutions. The company operates in the Americas, Asia Pacific, Europe, and India and has over 12,000 team members, located across 300 branches globally. “Mainfreight focuses on delivering quality logistics for our customers and we were early adopters of Palo Alto Networks firewalls, way back in 2006,” says David Hall, Group Security Manager at Mainfreight. Over the years, David and his team continued to keep an eye out for solutions that would help the company protect against sophisticated attacks.

CHALLENGE

Unchecked endpoint sprawl and lack of consolidated visibility

Mainfreight was familiar with Next-Generation Firewalls (NGFWs) from Palo Alto Networks and began evaluating two industry-leading solutions for endpoint protection. “Securing endpoints was a major challenge and we knew that it was imperative we invest in endpoint visibility and control,” explains David. Elaborating further, David shared, “In order to combat all critical aspects of endpoint security, we had procured multiple vendors to achieve a stronger security posture, which was not just difficult to manage, but often counter-productive.”

For incident investigation to be efficient and effective, it is imperative that organizations gain real-time visibility as well as swift access to forensic information and threat intelligence in one centralized location. Mainfreight did not have this in place and, compounding the challenge, the various solutions from different vendors did not integrate well with one another. This presents significant challenges for security analysts, incident responders, and threat hunters because disparate endpoint solutions create a data and adversary behavioral detection problem.

REQUIREMENTS

Prepare for advanced threats with mature endpoint security and improve network visibility

Mainfreight wanted a solution with proven endpoint protection that could provide them:

  • Enhanced security operations
  • Centralized visibility
  • Incident response and threat hunting
  • Strong behavioral-based detection

SOLUTION

Effective risk mitigation with enhanced endpoint security and reduced time to detect and respond

During the evaluation process of two industry-leading solutions, what stood out for Mainfreight were the richer features of Cortex XDR and the fact that their security services partner, LinearStack, had tremendous capabilities with the Palo Alto Networks solution suite. Today, LinearStack has 1,300+ proprietary behavioral indicators of compromise (BIoCs) applied to Cortex XDR to amplify its threat detection capabilities and speed up the investigation and remediation of potential threats.

Having been an early adopter of security firewalls from Palo Alto Networks, Mainfreight was familiar with their networking and security capabilities and knew that their solutions could mitigate risks effectively. Mainfreight’s association with Palo Alto Networks has been well established over the years. “Palo Alto Networks solutions have consistently outperformed competitors on most parameters. Innovative offerings with superior security features, as well as integration capabilities have kept us ahead of the threat lifecycle. In addition to this, our long-term support partner, LinearStack, reiterated with conviction that the Palo Alto Networks suite of products was the best fit for our business environment,” says David.

Mainfreight moved from the early engagement of NGFW to Cortex XDR to secure better protection for their endpoints. With AI-powered security that continuously evolves to stop new attacks, Mainfreight now has confidence that both known and unknown threats can be remediated effectively. With Cortex XDR, the same level of response is achievable for devices on and off the network. It is a platform that allows Mainfreight to scale as their business grows, in addition to helping with speed to detect and respond.

Integration with existing security solutions at Mainfreight was an important consideration and since the company had already deployed NGFWs from Palo Alto Networks, this was a natural progression. David also adds, “We wanted behavioral-based security and now, with an intuitive forensics workbench, we can gather comprehensive data and display investigative details.”

BENEFITS

Increased visibility and compliance

Cortex XDR has enabled a proactive approach to visibility across all data, including endpoint, network, and cloud. Continuously updated analytics and detection content are applied to address threats encountered with little to no effort from the security analyst. With Palo Alto Networks solutions having been deployed across the entire ecosystem, across every endpoint, in every region of Mainfreight’s operations, along with Panorama for centralized firewall management, it is easier to push policies out quickly, ensuring visibility from a single pane of glass. Once policy violations and misconfigurations are identified, they can be accessed and mitigated swiftly.

Reduced time to detect and respond resulting in higher productivity

Having Palo Alto Networks as the benchmark for security across the group and LinearStack’s expertise have definitely had a positive impact for Mainfreight. Using Cortex XDR, LinearStack has applied 1,300+ proprietary BIoCs to amplify the detection and remediation of potential threats and vulnerabilities across the entire group in a timely manner. “There is a significant reduction in time to detect and respond to an incident with Cortex XDR,” says David. This, in turn, means increased productivity of the people operating the technology and more gains out of security investments.

Seamless incident response framework

For Mainfreight, Cortex XDR has fit into the managed security service provided by LinearStack effortlessly. It is a mature product that can identify threats and/or vulnerabilities (with Host Insights deployed), while integrating impeccably with the incident response processes and response team. Working with LinearStack, Mainfreight gains the advantage of actionable intelligence: LinearStack helps the team act on the information gathered and determine how best to use it.

CONCLUSION

Shiv Singh, Founder and Principal Consultant of LinearStack, shares, “Our persistence to deploy Cortex XDR for Mainfreight has paid off tremendously. Cortex XDR coupled with our expertise has enabled Mainfreight to reap numerous benefits and peace of mind, knowing that any cyberthreats will be detected, investigated and mitigated in a timely manner.”

David sums it up succinctly, saying, “With Palo Alto Networks, I sleep better at night!” Mainfreight has naturally progressed from deploying NGFW to Cortex XDR. David envisions the implementation of Cortex XSOAR in the foreseeable future to take advantage of industry-leading security automation. Besides the rich features and functions of the Palo Alto Networks solution suite, the solutions also seamlessly integrate with the existing third-party solutions at Mainfreight, providing them with comprehensive visibility across the whole environment. Mainfreight looks to further integrate and consolidate all their security tools and essentially bring them under the Palo Alto Networks umbrella to drive their vision of securing both their organization and customers.