Modernise public-sector cybersecurity visibility and control
Almost 150 government agencies at all levels and other public-sector organisations rely on Abraxas for their IT services – and the client base is growing fast. Previously, however, a third-party open-source SIEM was used to protect both Abraxas’s environment and its managed services clients, and security case management could not keep pace. The challenges included:
- Reducing complexity: The heavily customised platform demanded significant manual intervention.
- Improving performance: The platform struggled with growing workloads. For example, a distributed denial-of-service (DDoS) attack could lead to a surge in firewall logs, crashing the SIEM.
- Simplifying integration: It was difficult and time-consuming to connect new sources to the SIEM, potentially delaying Abraxas’s client initiatives.
- Reducing operational costs: As part of the managed SIEM service, Abraxas was provided with a catalogue of security use cases, with a fee charged for every newly developed custom use case.
“The SIEM was holding back our growth – it wasn’t built with today’s threats in mind, it struggled with scalability, complexity, threat detection, and high false positives.”
Christoph Müller
Head of Security Solutions, Abraxas
A modern, AI-powered SOC platform
Abraxas was already realising success with its Cortex XDR endpoint deployment. That established trust and familiarity spurred Christoph and his team to explore Cortex XSIAM to create a modern, AI-powered security operations center (SOC) platform.
Ensures agile and trusted managed security operations
Cortex XSIAM provides modern, reliable SecOps across 3,000 clients and in-house Abraxas devices. From one intuitive console, the team has 360-degree insight into every issue and case. Some 30% of cases are now resolved automatically, directly reducing the need for human intervention. In turn, this efficiency and confidence strengthen trusted relationships with Abraxas’s government customers in Switzerland.
“We’re seeing four times more issues than we used to,” says John Winter, Product Manager, Security Solutions, Abraxas. “We welcome this as we’re now acting on issues that would previously have remained undetected.”
Uncovers every threat in seconds – from any source
Issue detection now takes seconds, rather than the hours it took previously. The single SOC platform sees every asset, threat, and exposure with less noise.
“If a trigger occurs, we have frictionless resolution. Using playbooks, actions are automated. In the past, we had to hunt down the source of the trigger, check which other systems might be impacted, and decide whether it was a false positive,” says John.
Reduces cost of operation
Abraxas is reducing SecOps costs by consolidating tools and automating tasks. Moreover, the managed SecOps cost overhead has been eliminated.
The simple platform also supports agility: New cloud and on-premises sources can be integrated in minutes rather than weeks.
“The efficiency we have gained through automation in XSIAM is equivalent to approximately two FTEs,” says John.
Inspires collaboration and innovation
Abraxas’s relationship with Palo Alto Networks delivers value across its organisation.
The collaboration includes:
- Development of a proactive security framework to safeguard clients from threats.
- Experience, resources, and tools to resolve issues quickly.
- Bi-weekly calls with the Palo Alto Networks Customer Success team.
“Palo Alto Networks is very focused on its partners. Their team brings together best-of-breed technologies and expert people to help Abraxas close security gaps and reduce risk,” says Christoph.
Looking ahead, Abraxas is considering Cortex Cloud to unify cloud posture management from a single console. “XSIAM is a sales differentiator. When we explain to clients that we use Palo Alto Networks, they know that we are doing our best to protect their data,” says Christoph.