Download PDF version Contact company

Naranja is Argentina’s largest issuer of credit cards. With over 5 million clients and 210 storefront locations across the country, the company has a substantial presence in nearly every city.

Headquartered in Cordoba, Argentina’s second-largest city, Naranja has over 4 million cardholders and 9 million active cards that perform 146 million transactions per year. While its primary operations are in Argentina, Naranja also has a strong presence in Peru and the Dominican Republic via its business partnerships.

Naranja recently entered the fintech sector through Naranja X, a mobile app that satisfies customers’ daily needs with digital products and services for people, merchants, and small businesses.

Security Operations Centre

The company has a workforce of around 3,000, with a security team made up of 30 people. There are three pillars within the security team: digital information security, which covers products and standard security revisions; cybersecurity, which includes the Security Operations Centre (SOC) and several tools for SIEM and endpoint protection; and security information, which pertains to digital brand protection strategy.

The SOC team primarily uses IntSights Threat Command for brand protection initiatives. Daniel Daniele, the Information Security Lead, and Leonardo Ariel Chiodin, an Information Security Analyst, use the IntSights platform daily as part of their brand protection activities.

Lack of determining threat

SOC team used online tools to manually check for mentions of Naranja, but these tools were not capable of alerting the team

Before adopting IntSights, Daniele’s team was faced with performing manual threat hunting and monitoring of domains, social media platforms, and other sources where Naranja digital assets could be exposed or at risk. Naranja’s security team lacked visibility into external threats to the company’s online brand, such as malicious spoofed domains or leaked credentials.

The SOC team used several online tools to manually check for mentions of Naranja, but these tools only provided surface-level information and were not capable of alerting the team when targeted threats emerged.

If the team did not manually check the sites they knew of frequently, it would leave the company susceptible to cyberattacks. The limited visibility into external threats and the security team’s reactive strategy meant that Naranja needed to rely on the existing perimeter and endpoint security solutions in the event of an attack.

IntSights Threat Command

Naranja’s SOC team knew they needed to embrace a more proactive strategy to identify external cyber threats. They looked into several different vendors in the cyber threat intelligence space, measuring each solution’s capabilities against the company’s most pressing needs.

Naranja team determined that IntSights Threat Command provided the best threat data to provide broad visibility

After careful consideration, the Naranja team determined that IntSights Threat Command provided the best threat data compared to other vendors. The quality, breadth, and accuracy of the threat alert IntSights provided were superior to that of the other vendors.

The Naranja SOC team decided it was the best fit to provide broad visibility into external threats targeting the organisation, offering the automated ability to constantly monitor for threats.

Efficient threat detection with ETP 

Since Naranja deployed IntSights, Daniele and Chiodin have gained visibility, become more efficient, and been able to focus more on threat investigation, rather than manually searching for and identifying threats.

The SOC team has visibility into threats targeting Naranja’s digital assets and personnel, whether it be stolen credit card numbers, spoofed domains, or targeted corporate executives and VIPs. They receive automated daily alerts regarding external cyber threats directly within the IntSights External Threat Protection (ETP) platform.

Naranja’s SOC team can focus on the most important or pressing threats against the brand, as Threat Command identifies critical and actionable threats. The platform’s detailed threat data provides critical information that enables the security team to prevent credential or credit card leaks. With IntSights in-platform remediation tools, Daniele and Chiodin can mitigate the risk of threats before they evolve into cyberattacks by proactively shutting them down at the source.

Download PDF version Download PDF version

In case you missed it

Global regulations of AI: the role and impact on the physical security industry
Global regulations of AI: the role and impact on the physical security industry

The artificial intelligence revolution in physical security has arrived, transforming how we protect people, assets, and infrastructure. From smart buildings that automatically ad...

How does security innovation impact the skillsets operators need?
How does security innovation impact the skillsets operators need?

Technology automates tasks, streamlines processes, and improves efficiency in various fields, including physical security. But the success of today’s latest technologies depe...

How can manufacturers and integrators mitigate the risks of port forwarding?
How can manufacturers and integrators mitigate the risks of port forwarding?

Port forwarding is a networking technique that allows incoming traffic on a specific port number to be redirected to a particular device or application on a local network. Open por...

Quick poll
What's the primary benefit of integrating access control with video surveillance?