Large Retailer Group Case Study

Future Security Operating Centre (SOC)

Assisting a major UK retailer group in addressing security and risk management issues

Customer Profile

A leading retailer in the UK driven by a passion for serving and helping every customer.
Offering great quality products at competitive prices, whilst making the experience of shopping convenient,  both in-store or online for the customer.


The end transaction needed to be simple, repeatable and effective while allowing for a tailored service to the client – encompassing, licensing, support, deployment and ongoing education.

As a result of the multiple business units and teams using different tooling for their monitoring and alerting strategy, it was imperative that they could migrate and consolidate their SIEM tooling into a single platform, which would be SaaS-based to save cost and meet their cloud strategy.

Once migrated and consolidated, it was imperative that a transparent monitoring and alerting strategy was developed and implemented to allow for effective use case development and progression across the teams that use their SIEM.

Easy Procurement

A simple method of procurement of a leading enterprise security and data platform

Full SIEM Migration

Migrate their SIEM tooling across multiple businesses into a single SaaS solution

SIEM Into Single SaaS Solution

SIEM use-case tuning and development

Event Correlation

Enable enhanced event correlation across multiple business units


The retailer now has a workable solution and defined process in place to correlate across a large and varied technology stack between their different business units. This has led to an acceleration of understanding of the risk and threats specific to their business and markets.

Reduced Operating Cost

Single solution across multiple teams, cloud architecture built in AWS and 8/10 management tasks removed

Standardised Data Collection

Also allows flexibility to pivot and change due to consistency of format, without impact on business operations

Consolidation to Single SIEM Platform

Increase business productivity through real-time analytics and dashboards.

Simplification and Repeatability of Processes

Simplification and repeatability across teams, particularly for incident response and investigations - allowing for quicker MTTI MTTR

Significantly reduced investigation times

Significantly reduced investigation times with Splunk's schema on the fly and flexibility


Provides fast time to value with a full instance delivered ready to ingest data on day one, without the constraints of hardware management.

Enterprise Security

Gain end-to-end visibility into your security posture with actionable intelligence that helps you prioritise and act fast.

Watch the full presentation below:

Read other customer case studies:

Utility Case Study

How to monitor, report, and alert on data from all devices

Okta Case Study

Helping organisations match agility with security

Public Sector Case Study

Local authority delivers a range of services from education, environmental and social care

Contact Us

Schedule a call with one of our certified engineers and pre-sales team. Or drop us a line if you have any questions.

Scroll to Top