Vulcan Materials MDR Solution

TekStream Gives Vulcan Materials Company Actionable Threat Alerts and Confidence in Their Splunk Security Platform

Vulcan Materials Company is the nation’s largest producer of construction aggregates-primarily crushed stone, sand and gravel-and a major producer of aggregates-based construction materials, including asphalt and ready-mixed concrete.  With a coast-to-coast footprint and strategic distribution points across the country, the firm requires 24X7 managed detection and response.

A Google phishing attack occurred and went unnoticed due to improperly scoped detections and a lack of appropriate alerting in place.  Their SIEM solution was not all inclusive and ultimately was ineffective in reducing the mean time to triage and remediate security incidents.  It provided only 0.09% usable alerts in three years of operation.

Technologies Involved

Splunk

Splunk ES
Fully-integrated customer SOAR

Splunk

Key Pain Points

The prior solution was proprietary and did not optimally leverage the Splunk platform.

At the end of their contract, Vulcan did not retain any of their investment in applications and the data that they were reliant upon for security services.

Their current security solution did not surface threats effectively.

Small firm with limited man-hours to devote to the issue, among multiple priorities in the IT department.

TekStream met an aggressive six (6) week time frame required to stand up the new MDR environment, onboard required data sources, implement necessary use cases, and provide operational 24X7 coverage.

  • Brought in-depth, Splunk-based security expertise
  • Leveraged advanced techniques to surface threats tailored to Vulcan threat vulnerabilities, processes, and overall threat surface
  • Mapped standardized security frameworks to security best practices
  • Leveraged non-proprietary Splunk best practices
  • Implemented with a high degree of collaboration between TekStream and customer security professionals
  • Brough experienced Splunk administration resources to compress the time to implementation
  • Remediated inapproriately configured infrastructure
  • Flexible development team was able to utilize SOAR and Splunk ES to deploy the security plan.

“TekStream was able to stand up our entire Enterprise Security program and provide proper incident logging within six (6) weeks. We were confident in their ability to deliver a comprehensive program to protect our digital assets.”

– Dan Smart, Vulcan Materials Company

Key Successes

  • TekStream provides immediate alerts with important use cases, adding in a triage of issues that bring them high-value alerts.
  • Splunk-native applications mean Vulcan retains ownership of their data no matter who services their account
  • Established an operational cadence for constant improvement against visibility, fidelity, and automation (VFA).
  • TekStream expertise gave Vulcan confidence that the Splunk solution could be delivered within the timeline, at or below projected costs, and with immediate value to the firm.
  • Testing and ROI/Value needs were met

Location: Birmingham, AL

Industry: Construction Materials

Employee: 8,300

Vulcan Materials Company is the nation’s largest producer of construction aggregates-primarily crushed stone, sand and gravel-and a major producer of aggregates-based construction materials, including asphalt and ready-mixed concrete.