Will the next chapter of security operations look much like the last one? Or will it be a story of SIEM lock-in being replaced with security organizations choosing the mix of tools and platforms tailored to their needs? We are proud to partner up with Cribl, the Data Engine for IT and Security, to deliver choice, control, and flexibility for the SOC.
Cribl and Anvilogic present: Three steps to a security operation that doesn't lock you in:
Step 1: Own your SIEM pipeline with Cribl
Step 2: Own your SIEM data in your security data lake
Step 3: Own your SIEM analytics with Anvilogic
A Partnership with Unique Advantages
Anvilogic’s modular approach to security analytics, combined with Cribl’s robust data routing capabilities, offers unmatched flexibility and cost efficiency for security operations centers (SOCs). This partnership covers a range of use cases where customers using Cribl to route data, can use Anvilogic to gain proactive threat detection across their destinations. Organizations interested in Anvilogic as their multi-data platform SIEM can adopt Cribl Stream as their flexible, independent data pipeline.
Joint Customers Seeing Significant Cost Savings
Security teams have already started using Cribl and Anvilogic together. One leading financial services firm uses Cribl Stream to transport, filter, and shape its log data, including over 1 terabyte of Windows Events daily. Initially, this customer integrated Anvilogic with its Splunk log repository to mature its detection engineering program, increase MITRE ATT&CK coverage, and reduce resource constraints. The organization identified several high-volume log sources, including Windows Events, responsible for much of their SIEM costs.
With control of their observability pipeline in Cribl, this organization was able to fork the Windows Events stream to a cost-effective data lake alternative in parallel to the existing SIEM destination. This avoided disrupting existing workflows while deploying prebuilt threat detections from the Anvilogic Armory. The team validated the detection outcomes with their new destination and was excited to find cost savings of over 80% for the migrated use cases. An easy configuration change in Cribl Stream then completed the transition.
Take Control of Your Security Data and Analytics
Flexibility for the SOC, as demonstrated in the example above, creates opportunities for better detection coverage, greater automation, and lower costs. Cribl gives the security team unprecedented control with support for a diverse array of data platforms across all major clouds. Anvilogic turns those data destinations into high-fidelity threat detections. This partnership represents an exciting new chapter for security operations with more control of their data than ever before.
Discover how Cribl and Anvilogic can put your security operation in control of its data and analytics. Contact us today to learn more.