Lowe’s Accelerates Threat Detection and Response by 70%
With GreyMatter, Lowe’s unified its security tools, enhanced detection across legacy and modern systems to future-proof its security operations and keep pace with business growth.
Improved Visibility
Reduction in Alert Noise
Faster Threat Response
Building A Smarter Approach to Securing Business Growth
As one of the world’s largest home improvement retailers, Lowe’s is no stranger to rapid growth. With over 1,800 store locations and a workforce of 7,000 IT professionals, the company’s technology footprint expanded significantly in recent years with innovations like augmented reality and multi-cloud environments. However, this growth introduced new challenges downstream for its security operations: fragmented systems, visibility gaps, and a surge in low-priority alerts.
To keep pace with its growth, Lowe’s needed a scalable security solution capable of unifying operations, enhancing detection accuracy, and streamlining workflows—all without disrupting day-to-day operations.
By introducing ReliaQuest GreyMatter’s agentic AI security operations platform, Lowe’s achieved a 200% improvement in visibility, reduced alert noise by 88%, and accelerated threat response by 70%. This transformation not only resolved immediate operational challenges but also empowered Lowe’s to fundamentally redefine its security operations, allowing its team to focus on advanced threat hunts, proactive defense strategies, and strategic initiatives.
Rapid Growth and an Expanding Attack Surface
Between 2017 and 2019, Lowe’s added $35 billion in revenue while adopting new technologies to enhance customer experiences. However, this progress stretched their security infrastructure thin.
Marc Varner, CISO at Lowe’s, knew a scalable solution capable of unifying detection across their existing systems was possible—and needed—to secure their growing business. But equally important was ensuring that the solution could free the team from mundane, repetitive tasks, enabling analysts to focus on higher-value work that could help Lowe’s stay ahead of evolving threats.
Scaling Challenges
Alert Overload
Visibility Gaps
The Solution
Future-Proofing Security Infrastructure with the GreyMatter Agentic AI Security Operations Platform
Lowe’s partnered with ReliaQuest GreyMatter to transform its security operations into a scalable, efficient system built to support growth. With agentic AI built into GreyMatter’s modular architecture, Lowe’s unified its security tools, enhanced detection accuracy, and automated workflows.
How GreyMatter Delivered:
Unified Visibility Across the Attack Surface
Lowe’s growth introduced blind spots across its sprawling attack surface, making it difficult to detect threats proactively. GreyMatter consolidated data from 33 systems—including legacy mainframes, cloud platforms like AWS and Azure, and SaaS applications—into one centralized view. This unified visibility eliminated blind spots and provided actionable insights to address vulnerabilities, strengthen defenses, and enable faster decision-making.
Automated Processes to Reduce Noise
Duplicate and low-priority alerts overwhelmed Lowe’s security team, leaving analysts bogged down by repetitive tasks. GreyMatter’s agentic AI automated alert filtering, reducing noise by 88%. This automation empowered Lowe’s team to shift their focus from handling mundane Tier 1 and Tier 2 tasks to developing proactive defense strategies and conducting higher-level threat hunts, directly addressing the industry’s cybersecurity talent shortage.
Enhanced Threat Detection Across Unified Systems
Insights scattered across disconnected systems made it challenging to correlate data and prioritize risks. With GreyMatter, Lowe’s centralized detection capabilities allowed analysts to create and deploy detections remotely across all tools and technologies. By enriching detections with real-time threat intelligence, Lowe’s team moved beyond basic monitoring to proactive threat detection, staying ahead of evolving risks.
Proactive Risk Management Beyond the Perimeter
Lowe’s faced risks not only within its internal systems but also from external threats, such as exposed credentials, third-party vulnerabilities, and brand reputation risks. GreyMatter’s Digital Risk Protection (DRP) capabilities expanded Lowe’s visibility beyond internal systems, introducing proactive monitoring and protection against external threats.
Plug-and-Play Architecture to Future-Proof Operations
Rapid growth required Lowe’s security infrastructure to scale efficiently, but onboarding new tools and maintaining legacy systems created significant operational strain. GreyMatter’s plug-and-play architecture allowed Lowe’s to integrate new tools seamlessly without disrupting operations, ensuring their infrastructure could adapt to emerging threats and evolving business needs.
Lowe’s and ReliaQuest: A Secure Foundation Built for Operational Resilience
ReliaQuest GreyMatter empowered Lowe’s to overcome the challenges of rapid growth by unifying tools, delivering actionable detection capabilities, and automating processes. And with GreyMatter, Lowe’s was able to leave mundane work to AI and prepare its team to take on strategic, valuable defense strategies.
Our technology environment is incredibly complex, spanning everything from legacy mainframes to virtual goggles that you can look at your new kitchen design from within our stores. We had so many disparate feeds across systems, and the challenge was finding a way to unify them without disrupting operations or sacrificing detection capabilities. The ReliaQuest value prop of ‘come as you are’ was exactly what we needed to bring everything together and scale effectively.Marc Varner CISO at Lowe’s
Explore Other Case Studies
See GreyMatter in Action
Get a live demo of our security operations platform, GreyMatter, and learn how you can improve visibility, reduce complexity, and manage risk in your organization.
