With a workforce of 19,000 and more than 300 diverse companies in its portfolio, Doğuş Group is one of Türkiye's largest conglomerates. Doğuş Teknoloji sets the group's technology vision and is responsible for meeting its technology needs. Witnessing a rise in cyberthreats, Doğuş Teknoloji realized it needed to better secure its highly sensitive datasets and improve security for staff working remotely. To improve its threat detection and resolution, it turned to the Enterprise Mobility + Security platform of Microsoft 365, Defender for Endpoint and Defender for Office 365. The Turkish group now has stronger security for its data and staff, and has cut down the time needed to investigate security incidents.
Founded in 1951, Doğuş Group is one of the largest private-sector conglomerates in Türkiye with a portfolio of hundreds of companies operating across numerous industries. Its operations include automotive, construction, media, hospitality, retail, real estate, and energy. It’s a complex and multifaceted network of operations that demands leading security. Driving its technology vision for the future is Doğuş Teknoloji, which helps to meet the needs of the group in this area.
Protecting valuable data
“Over the past two years, we have seen cybersecurity risks, attack types, and attack sophistication increase significantly,” begins Aziz Şaşmaz, Cybersecurity Group Manager at Doğuş Teknoloji. “A lot of our end users were targeted over this period. We also needed to enhance security for our employees, especially our machine learning and AI staff.”
For Doğuş Group, it was the right time to re-evaluate its security approach. The focus: strengthening attack detection and prevention at the source, while accelerating case resolution and incident response. “We consider endpoint detection and response (EDR) to be mandatory today,” Şaşmaz shares. “It is indispensable simply because there are lots of ransomware and other data leak-focused attacks.”
The company evaluated a number of different EDR products in terms of PowerShell exploitations, memory exploit mitigation, remediation ease and more. Şaşmaz explains, “Having conducted a thorough examination of our infrastructure and tried many EDR products, Microsoft’s offering came out on top.”
A comprehensive, integrated solution
Doğuş Group decided to implement the Microsoft Enterprise Mobility + Security suite, as well as Microsoft 365 Defender for Endpoint and Defender for Office 365. It also chose Microsoft Cloud App Security for enhanced cloud storage protection. The security solutions were easily incorporated into the existing environment since the company was already using Microsoft technology widely for daily tasks.
The technology now offers better protection and reporting. For example, Microsoft Defender for Identity is better than its competitors at detecting malware. “Microsoft EDR effectively investigates suspicious events and its reports offer an in-depth analysis,” says Barış Güney Yılmaz, Cybersecurity Consultant at Doğuş Teknoloji.
Scripting has also been dramatically simplified. “Kusto is a great scripting language since it’s very easy to use. I can write scripts against the latest attacks and find other helpful scripts on GitHub,” says Yılmaz.
Doğuş Teknoloji has also seen stronger defense of files stored in the cloud. “With so much data on OneDrive, we were seeing an increase in malicious files. But with Microsoft Cloud App Security, we can now find any malicious software, warn users, or even write a rule to delete problematic files,” says Yılmaz.
Importantly, Şaşmaz and his team have also seen faster attack responses and a significant acceleration in incident investigation. “The process of investigating security events once took days. Now, it only takes hours with Microsoft EDR. This dramatically reduces the effort needed for threat hunting and incident response,” says Şaşmaz.
To demonstrate this, Şaşmaz shares a recent example in which suspicious activity was detected both on an endpoint and on a server. “The investigation that used to take days without an EDR only took several hours with EDR,” he notes. “The reports were excellent. At the end, we were sure that no harm had been done to our infrastructure or data.”
“Given the complexity of our business, it could have taken a lot of time to implement all the security products we wanted,” Şaşmaz sums up. “Microsoft and our technology partner ADEO provided us with all the support we needed for a successful implementation.”
Eray Gözener, Executive Vice President of Technology Operations and Cyber Security at Doğuş Teknoloji, echoes Şaşmaz’s positive sentiments. “Thanks to Microsoft solutions, we are far more confident in our ability to detect and remediate threats rapidly. We look forward to implementing Microsoft technology in more areas of our business.”