{ "case_studies": [ { "id": "cs-meridian-stadium", "headline": "Meridian Stadium cuts incident response time 51% across one NFL season", "customer": "Meridian Stadium Operating Co.", "vertical": "Stadiums & Arenas", "size": "72,000-seat capacity, 10 NFL home games + 22 concerts/yr", "geo": "Midwest US", "modules": ["Access", "Incidents", "Threat Intel (full)", "Crowd", "Dispatch", "Reporting"], "tier": "Enterprise", "go_live": "2024-08", "challenge": "Three siloed systems (Genetec for video, Ticketmaster for entry, Excel for incidents) meant the head of security was averaging 11 minutes to triage a P1 incident — twice the league benchmark. League safety audit flagged the gap.", "solution": "Sentinel Grid deployed on top of existing Genetec + Ticketmaster, plus our Threat Intel pod monitoring 9 high-risk concerts. Dispatch module replaced 4 separate radio channels with one routed feed.", "results": [ { "metric": "Median P1 triage time", "before": "11 min", "after": "5.4 min", "delta": "-51%" }, { "metric": "Incidents per 10K attendees", "before": 14.2, "after": 9.8, "delta": "-31%" }, { "metric": "League safety audit score", "before": "82/100", "after": "96/100", "delta": "+14 pts" }, { "metric": "Time to file post-event report", "before": "4 days", "after": "26 min", "delta": "-99%" } ], "quote": { "text": "We didn't replace anything. We finally connected what we already had. The first concert after go-live, my supervisors stopped looking at six screens and started looking at one.", "attribution": "VP, Stadium Security & Game Day Operations" } }, { "id": "cs-nordsom-festival", "headline": "Nordsom Festival ran a 60K-person event with zero crowd incidents after density alerts re-routed traffic at gate 3", "customer": "Nordsom Music & Arts Festival", "vertical": "Festivals", "size": "60,000 daily attendance, 3 days, 6 stages", "geo": "Northern Europe", "modules": ["Access", "Incidents", "Threat Intel (full)", "Crowd", "Dispatch"], "tier": "Pro", "go_live": "2025-05", "challenge": "After Astroworld, the festival's permit authority required documented crowd-density controls. Their existing approach (visual estimates from tower spotters) wouldn't pass.", "solution": "Sentinel Grid Crowd module ingested existing camera feeds. Pre-event Threat Intel briefings flagged two organized incidents being planned online. Mid-event density alert at gate 3 triggered 11-minute pause + reroute that prevented a likely surge.", "results": [ { "metric": "Crowd surge events", "before": "2 (prior year)", "after": "0", "delta": "-100%" }, { "metric": "Density alerts → action time", "before": "n/a", "after": "3 min median", "delta": "new capability" }, { "metric": "Permit approval time (next year)", "before": "11 weeks", "after": "4 weeks", "delta": "-64%" }, { "metric": "Insurance premium (next renewal)", "before": "baseline", "after": "-9%", "delta": "-9%" } ], "quote": { "text": "The permit office handed our security plan back the next year and said 'this is what we want to see from everyone.'", "attribution": "Director of Event Production & Safety" } }, { "id": "cs-ascend-hotels", "headline": "Ascend Hotels rolled Sentinel Grid across 64 properties; portfolio-wide incident reporting now ships weekly to the board", "customer": "Ascend Hotels Group", "vertical": "Hospitality", "size": "64 properties, 7,100 rooms, US + LatAm", "geo": "Americas", "modules": ["Incidents", "Reporting", "Threat Intel (lite)"], "tier": "Pro", "go_live": "2024-11 (phased over 5 months)", "challenge": "Each property logged incidents in a different format. The director of ops couldn't answer 'how many ID-fraud attempts last quarter portfolio-wide?' — and the insurance carrier was about to non-renew without controls evidence.", "solution": "Standardized incident schema across all 64 properties via Sentinel Grid. Threat Intel lite layer flagged organized fraud rings working multiple properties. Weekly board report auto-generated from Reporting module.", "results": [ { "metric": "Standardized incident reporting coverage", "before": "0%", "after": "100%", "delta": "+100 pts" }, { "metric": "Cross-property fraud rings identified", "before": 0, "after": 7, "delta": "+7" }, { "metric": "Insurance renewal outcome", "before": "non-renewal threatened", "after": "renewed at -4%", "delta": "saved" }, { "metric": "Time to portfolio incident report", "before": "3 weeks", "after": "instant", "delta": "-99%" } ], "quote": { "text": "I went from begging GMs for spreadsheets to having the board report on my screen at 9am Monday. The carrier conversation went from defensive to negotiating.", "attribution": "Director of Operations & Loss Prevention, Americas" } }, { "id": "cs-northbeacon-corporate", "headline": "Northbeacon's CSO got 14-day lead time on a doxxing campaign against three executives", "customer": "Northbeacon (tech company, anonymized)", "vertical": "Corporate Campus", "size": "12,000 employees, 4 campuses", "geo": "US + UK", "modules": ["Threat Intel (full)", "Incidents", "Dispatch", "Reporting"], "tier": "Enterprise", "go_live": "2024-05", "challenge": "Activist groups had begun targeting individual executives at the company's all-hands events. The CSO had no pre-event intelligence pipeline — first warning was usually social media at the event.", "solution": "Sentinel Grid Threat Intel pod monitored named executives + planned events across open sources, dark web mentions, and a curated activist-coordination channel list. Findings briefed weekly + on-trigger.", "results": [ { "metric": "Lead time on credible threats", "before": "<1 day", "after": "14 days median", "delta": "+13 days" }, { "metric": "Executive-protection incidents at events", "before": 4, "after": 0, "delta": "-100%" }, { "metric": "All-hands event safety audit", "before": "amber", "after": "green", "delta": "improved" } ], "quote": { "text": "For the first time, I was the one calling the executive team — not the other way around. That's the job.", "attribution": "Chief Security Officer" } } ] }