SHI secures better endpoint protection for national travel stop chain

Challenge:

A large, family-owned travel stop chain with over 550 locations struggled to ensure endpoint security through their provider at the time. Much to the customer’s concern, this popular provider had not been able to keep up with the industry in realm of endpoint detection and response (EDR). While the primary focus for that provider has always been to offer an airtight endpoint protection platform (EPP), both EDR and EDP are needed for a successful endpoint protection solution. Most recently, the industry has been moving towards extended detection and response (XDR), which the provider was slow to adopt.

Unfortunately, the incumbent’s product was too complicated for the customer to perform basic triage and root cause analysis of a security incident. The practice of application whitelisting is also inherently complex and proved to be a challenge, leaving the customer with over 6,000 exclusions to manage. Faced with these issues, the travel stop chain was looking for robust cybersecurity protection that allowed their IT staff access to a streamlined and simple set of management tools.

Solution:

SHI was asked by the national chain to review their current EDR solution. With concerns their incumbent solution was not investing in innovation, they wanted to explore new platforms that supported a more comprehensive XDR set of services. This meant one that delivered visibility into data across networks, clouds, endpoints, and applications while applying analytics and automation to detect and remediate threats.

SHI’s security solutions team worked with the chain’s own internal security team to identify SentinelOne's Singularity XDR — and another market leading alternative — as the best options to address their current and forecasted needs.

Results:

Leveraging SHI’s Customer Innovation Center (CIC) and cybersecurity labs, SHI put both solutions through their paces with a Proof of Concept (POC) exercise. With its technical ease of use and better incident response, SentinelOne was the clear winner, utilizing patented Storyline behavioral AI to monitor, track, and contextualize all event data across endpoints, cloud workloads, and IoT devices. In key differentiators, this solution also outperformed the previous provider when it came to triage and root cause analysis, incident remediation, (which removes all traces of a zero-day attack), and roll back (which restores any files that may have been encrypted or deleted).

The combination of better EPP/EDR/XDR now allows the chain’s team to detect incidents quicker and respond without having to re-image machines. This reduces the burden for IT teams and the recovery time for the customer from hours to seconds. And while the application whitelisting process of the previous provider left the customer with over 6,000 exclusions, SentinelOne had less than 20.

Ultimately, the chain’s team appreciated having a dedicated SME from SHI to build out criteria that evaluated the two cybersecurity vendors. Notably, the SHI team was 100% agnostic, transparent, and oversaw the project to its completion.