Operations | Monitoring | ITSM | DevOps | Cloud

AWS Configuration for the Cribl Pack for SentinelOne Cloud Funnel

In the blog titled “Streamline Endpoint Data with Cribl Pack for SentinelOne Cloud Funnel” we dove into the Cloud Funnel data, its relevance in the modern SOC, and how Cribl Stream transforms the data while addressing visibility gaps. We left the AWS-specific details to this blog for those not yet familiar with configuring AWS S3 buckets, SQS Queues, and Identity and Access Management (IAM).

Streamline Endpoint Data with the Cribl Pack for SentinelOne Cloud Funnel

Cribl empowers you to take control of your observability, telemetry, and security data. Wherever your data originates from, wherever your data needs to go, and whatever format your data needs to be in, Cribl gives you the freedom and flexibility to make choices instead of compromises. Addressing visibility gaps by ingesting more data sources as the threat surface continues to expand has been a challenge.

Introducing the Cribl Stream Reference Architecture

Join Ed Bailey and Eugene Katz as they unveil the first Cribl Stream Reference Architecture, designed to help observability admins achieve faster and more valuable stream deployment. In this live stream discussion, Ed and Eugene will explain the importance of a quality reference architecture in successful software deployment, and guide viewers on how to begin with the Cribl Stream Reference Architecture by first establishing end-state goals. They will also share different use cases and help viewers identify which parts of the reference architecture are applicable to their specific situation.

Empowering SecOps Admins: Getting the Most Value from CrowdStrike FDR Data with Cribl Stream

Join Ed Bailey and Sidd Shah as they discuss how Cribl Stream can empower Security Operations Admins to make the most of their CrowdStrike FDR data. During the discussion, Ed and Sidd will address the challenges faced by CrowdStrike customers who generate a vast amount of valuable data each day but struggle to leverage it fully due to complexity and size. They will explain how Cribl Stream can help SecOps admins extract the right data for their SIEM, while moving the rest to their Security Data Lake, enabling them to get the maximum value from their data and be cost-effective at the same time.

Tackling the Security Budget in Times of Economic Uncertainty: IT and Security Leaders Prioritize Cybersecurity

In today’s economic climate, IT and security budget owners are always looking for ways to increase efficiency while controlling costs. With tighter budgets and increasing workloads, organizations have to find ways of stretching their limited resources while making sure investments are paying off.

Future Cybersecurity Attacks Predicted to Cost 10x More Than Natural Disasters

Enterprises are entering 2023 following an increase in large-scale cybersecurity attacks over the last several years — Colonial Pipeline, Solarwinds, and even Twitter have all been victims — but events like these are not just increasing in number and sophistication. The amount of money involved is enough to make your head spin.

The Future of Tech: Exploring AI/ML and ChatGPT

You don’t often see real change, but when you do see it you know it. Artificial Intelligence/Machine Learning toolsets like ChatGPT are finally starting to offer broad capabilities that will benefit a mass audience. These tools are moving out of the domain of data scientists and math nerds and into mass markets with a little bit for everyone. The potential reach is awesome and a little scary.

Enforce Quotas on Data Ingestion with Redis

Recently, a customer brought me a challenging use case: They were looking to enforce quotas on their internal customers, i.e. other teams in the organization. The analytics team provides services such as searching and reporting capabilities to those other teams, which subscribe to the services through a chargeback model. Each team that subscribes is supposed to limit its ingestion of data to a quota: a maximum permitted ingest per 24-hour period.

In a Toxic Relationship with Your Current Observability Search Tool? There's Other Fish in the Sea

IT tools are similar to romantic relationships. Over time, you tend to fall into the same old dull routines, like Rupert Holme’s song Escape (The Piña Colada Song). That routine — collect dataset, route, ingest ($$) and then search, collect dataset, route, ingest, then search, … this approach is not only breaking your heart but your budget too.