- Build a modern security stack that enables Sigma Computing’s security operations team to resolve incidents while providing 360-degree threat visibility so the team can be more proactive
- Give Sigma Computing’s security team the ability to ingest all logs into one central platform that easily integrates with existing data sources so the team can easily detect all anomalies and identify actual security alerts
- Align security strategies and operations with the CISO’s business objectives so that security operations can be a business enabler instead of a barrier
- Difficulty classifying which alerts are false positives and which require action
- Difficulty scaling the security team to keep up with the threat landscape
- Difficulty determining which tools to use to handle the magnitude of alerts and scale Sigma Computing’s security team
Sigma Computing wanted to move away from legacy security tools because they presented a constant challenge for the Head of Security and GRC, Rahul Gupta: “How can I consolidate all my data sources without giving trouble to my team? How can it be done in a time-efficient manner? I can have a legacy tool where I need to deploy many servers, and then an agent needs to be installed to collect the data. Then the trouble is, who is going to write all those correlation rules for me? I am scaling my operations, but they [my team] have other things to do.”
Getting a proof of concept up and running with other vendors’ tools can take several weeks. And building a SIEM can take months. But Sigma Computing got Anvilogic up and running in a couple of days, and the platform was ingesting all of the company’s data in one week. Within the first month, the company had full visibility into threats and potential blind spots.
Building an ecosystem with Snowflake and Anvilogic gave Sigma Computing comprehensive coverage of its data sources. Now, the company can easily manage network security, cloud security, identity, and more holistically — instead of relying on alerts provided by the native tools for each of those areas. Anvilogic provided those alerts through one unified platform and correlated them to give a full understanding of what’s happening in Sigma’s environment.
“Building a modern security data lake is the way to go, with which you can enable all these anomaly detections with Anvilogic so you don’t have to worry about legacy tools,” Rahul said. “I know we have a good posture, and we are secure from an operations standpoint.”