Case study

Veros Credit

Veros Credit Web Native
×
 

How Veros Credit gained complete visibility, peace of mind, and true partnership with eSentire’s Managed Detection and Response solution with 24/7 SOC-as-a-Service.

The Organization

Veros Credit Logo

Veros Credit is a leading auto finance provider, enabling dealerships to offer competitive financing options to their customers. With approximately 300 employees, a network of more than 2,000 automotive dealers, and a footprint that demands both agility and strict regulatory compliance, Veros Credit must ensure the protection of critical financial and customer data across its environment.

Veros Credit Logo
  • Lack of an in-house SOC meant they need complete visibility to protect their critical data.
  • Limited capability of incident response or security operations.
  • Wanted to look for a new MDR partner after their previous security provider failed multiple rounds of internal penetration tests.

Solution and Results

With eSentire MDR in place, Veros Credit now benefits from:

  • 24/7 Multi-Signal Managed Detection and Response (MDR) across Endpoint, Network, Identity, and Log for around-the-clock threat detection, investigation, and hands-on response, backed by real human analysts who proactively isolate hosts and take action on their behalf.
  • 24/7 SOC-as-a-Service for complete visibility across the entire attack surface from a team of SOC Cyber Analysts and Elite Threat Hunters who provide immediate threat response with a 15-min Mean Time to Contain (MTTC).

Business and Security Outcomes

  • 24/7 threat detection, investigation, and response capabilities with eSentire’s global SOC-as-a-Service operations
  • Improved visibility across endpoints, network, and logs for regulatory and business risk management
  • Rapid threat containment, consistently within eSentire’s <15-minute SLA, even during real-world pen tests
  • Seamless integration with existing technology stack, including CrowdStrike and Sumo Logic
  • Greater operational efficiency for a lean IT security team, enabling focus on business priorities
  • Significantly reduced frustration and improved peace of mind through true partnership and proactive response

The Challenge

Since Veros Credit operates in a highly competitive sector, they face the constant challenge of evolving threats and growing compliance requirements given the sensitive consumer financial data they manage. For Gia Bao Nguyen, IT Security Manager at Veros Credit, the responsibility is all-encompassing, from designing strategy to managing the daily operations.

“Being a small company, I have to wear multiple hats. I have to design, implement, operate, and test our security infrastructure. We don’t have the luxury of a big team with security expertise, so every decision matters.”

As Veros Credit expanded, its cyber risk exposure grew accordingly. Without the resources for in-house solutions, the company needed an alternative approach. Instead of bearing the high costs and staffing challenges of building internal security operations, Veros Credit chose to partner with a Managed Detection and Response (MDR) provider.

To do so, Gia opted to find a security provider who can act as a true extension of his team and offer 24/7 visibility across the entire attack surface.

However, Veros Credit’s first MDR provider left the team unimpressed with their lack of true response capabilities. Gia’s turning point came during a routine penetration test that he engages a third-party provider to conduct on his behalf. The previous security provider offered log monitoring but failed to deliver true threat detection or rapid response.

The results of the pen test were concerning: unauthorized logins in critical environments went undetected and were dismissed as “normal traffic.” For Gia, this was not just a technical gap but a significant business risk.

With only one IT security leader responsible for designing, managing, and maintaining all aspects of security, the stakes were high. The team was stretched thin, and frustration was mounting.

“Building an in-house SOC is simply too expensive and complex for a company our size. You need the right technology, processes, and – most importantly – people with real expertise. I needed a partner, not just another vendor.”

Why Veros Credit Switched to eSentire as Their Proven MDR Partner

The search for a new MDR partner centered on three key requirements: comprehensive visibility, proven rapid response, and the ability to act as a true extension of the Veros Credit small team. eSentire stood out immediately for several reasons:

  • Unmatched Transparency and Proof: Unlike other vendors, eSentire openly advertised a <15-minute Mean Time to Contain threats.
  • Advanced Technology and Deep Integration: eSentire’s ability to combine network sensors with industry-leading EDR (CrowdStrike) and log management (Sumo Logic) gave Veros Credit a holistic view of its threat landscape, something no prior provider could deliver.
  • Seamless Onboarding and Responsive Support: Veros Credit began onboarding three months before their prior contract expired, running both providers in parallel to ensure no gap in coverage. The transition was smooth, and eSentire’s team was responsive from day one.
Quote Icon

“You have to validate AI to make sure it’s giving you the right data or if it’s missing something. That’s why a human-driven SOC is still important. If you only rely on AI, you could miss a lot of stuff.”

Gia Bao Nguyen

IT Security Manager, Veros Credit

“I’m rigorous about testing. Every couple of months, I conduct unscheduled penetration tests against our own environment. With eSentire, I trigger an alert, start the clock, and see if they respond within 15 minutes. Every single time, they’ve delivered.”

The true value of these pen tests is that eSentire is never informed of them so Gia can see real results, not rehearsed responses. So far, every test has been caught and contained within 15-minutes – exactly as advertised. This has given Gia, and the leadership team at Veros Credit, true peace of mind.

“Our board and customers want to know we’re protected. With eSentire, I know we have the visibility and response we need. Now, I can actually sleep at night.”

What’s more, eSentire’s network sensor was a game-changer for Veros Credit. As a result, Gia now had visibility into the north and south traffic on his network, down to the specific dealer connections. “If I need to investigate a suspicious IP, the team pulls it up in under an hour. That level of visibility was impossible before.”

Of course, given how many other providers advertise AI-driven MDR investigations and response, Gia would be remiss to overlook how eSentire SOC Analysts are currently using AI to help them conduct their threat investigations and respond even faster. While AI is best for data processing and can help human SOC Analysts cut through the noise, humans are still needed to validate AI’s findings.

“You have to validate AI to make sure it’s giving you the right data or if it’s missing something. That’s why a human-driven SOC is still important. If you only rely on AI, you could miss a lot of stuff.”

With eSentire managing day-to-day security operations, Gia is free to focus on strategic projects and broader business priorities.

“Whenever I put in a high-priority ticket, the SOC responds quickly, usually within hours, always under 24 hours. That’s the kind of partnership I need. And I believe that eSentire is a good choice if you ever look for a new security provider because they have the expertise, the knowledge, and the technology in place to help you to cover those gap or those deficiency within the organization is especially having visibility to into your environment.”

Conclusion

eSentire’s combination of technology, people, and process has significantly reduced Gia’s frustration and given Veros Credit confidence to meet both regulatory and business demands.

By outsourcing security operations to eSentire, Veros Credit has shifted from reactive firefighting to proactive cyber risk reduction. The company now has enterprise-grade MDR coverage, rapid response to threats, and the ability to validate its security posture in real time. For a lean IT operation, that means greater efficiency, less stress, and more time to focus on growth.

“If you want a security partner who’s transparent, delivers on their promises, and lets you focus on your business, eSentire is the one. Their people, technology, and process work – period.”

Read More Case Studies and Reviews →

Ready to Get Started?

We’re here to help! Submit your information and an eSentire representative will be in touch to help you build a more resilient security operation today.