<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2659386&amp;fmt=gif">
Talk to an expert
Case Studies

Veem Helps Ensure Compliance, Security, and Customer Trust with 24/7 SOC-as-a-Service

Founded in 2014 by a team of payments experts, Veem is a global payments network that simplifies how businesses send and receive funds around the world. Veem now serves over 400,000 customers in over 100 countries. Major corporations like Facebook, Maersk, and Orange trust Veem to connect them with partners, suppliers, vendors, and customers. Businesses at all stages of growth expect that Veem’s cloud-based payment application will keep sensitive information associated with their business and transactions secure. That trust is central to Veem’s own business and growth.

As a growing company in the financial services sector, Veem needed to build a strong security program. It was crucial to build trust with all stakeholders: customers, partners, and investors.

iStock-874074588Veem needed to meet its organizational goals securely. However, security spending was constrained by staffing budgets and funds were directed to other growth related sectors of the business. Insufficient budget and time spent on building security leads to lax data protection, failed compliance, degraded reputation, service interruptions, or data breaches.

As a fintech firm, Veem collects and processes sensitive data of customers and has an obligation to protect that information, just like traditional banks. As a result, Veem must remain compliant with a number of regulations, including the PCI DSS standard. At the same time, Veem has to defend against attackers interested in their money and data. Attackers are most likely to target the internet-facing applications or individual user endpoints, via methods including phishing, insider threat, and drive-by downloads.

The financial sector is often the target of sophisticated and highly motivated threat actors, making detection and response more important than ever. Veem needed a way to actively monitor and detect potential security events, reduce response time, minimize breach impact, increase security visibility, keep the business informed of cyber risk, stay ahead of attackers, and ensure compliance. In light of these needs, Veem recognized the value of a 24/7 security operations center (SOC), but also realized the lack of in-house resources to build, staff, and operate one within the time constraints.

Veem partnered with Cysiv to identify necessary security controls and implement SOC-as-a-Service. Within weeks of beginning that partnership, Cysiv was ingesting security telemetry, infrastructure and application data, and applying the out-of-the-box rules to begin monitoring for, triaging, and investigating incidents. Crucial indicators for Veem have included ones for lateral movement, compromised credentials, privilege escalation, data exfiltration, and manipulation of internet-facing applications via methods like cross-site scripting and SQL injection. Since then, Cysiv has continued to create custom rules for specific use cases, such as denial of service attacks or website attacks that affect Veem’s reputation.

This collaboration has significantly improved our detection and incident response capabilities for both cloud and onpremise resources. It has also helped us meet some of the industry-driven requirements from a security point of view and a compliance perspective.

– CISO of Veem, Najma Sultana

In parallel with this partnership, Veem has grown its own security team, hiring a head of security as well as an in-house analyst who interacts with Cysiv’s experts and the Cysiv platform on a regular basis. This ensures that the SOC-as-a-Service partnership continues to adapt and provide adequate monitoring to meet business goals.

Cysiv’s consumption-based pricing meant Veem could get the services they needed at a cost that fit their budget.


As a result of their partnership with Cysiv, Veem has been able to focus on their core platform and growth while also being able to strengthen security in a way that builds client trust. Cysiv’s SOC-as-a-Service gives them the confidence of 24/7 alerting and monitoring, with rules that expand and evolve with both the threat landscape and business goals. This reduces the risk of a data breach, meaning that Veem’s reputation can remain strong, and they can retain the trust of stakeholders. Finally, Cysiv’s SOC-as-a-Service helps Veem meet the stringent compliance requirements of the financial services industry, another core demand of their stakeholders.



back to all resources
share this:

related to this

The Business Case for SOC-as-a-Service