Securing your internal systems with TLS can be a daunting task, even for experienced administrators. However, with the right tools and guidance, the process can be made more manageable. In this blog, we’ll show you how to enable TLS for your internal systems on your Cribl Leader Node. We’ll walk you through the steps, and provide a video tutorial embedded below to help you follow along.
In this blog post, we’ll demonstrate how to use Cribl Search for anomaly detection by finding statistical outliers in host CPU usage. By monitoring the “CPU Busy” metric, we can identify unusual spikes that may indicate malware penetration or high load/limiting conditions on customer-facing hosts. The best part? This simple but powerful analytic is easily adaptable to other metrics, making it a versatile tool for any data-driven organization.
2023 is well underway and now more than ever it’s important to stay ahead of data trends and security concerns that are ever mounting. With the cost of catastrophic cyber attacks estimated to be ten times that of all other disasters combined, businesses need to take proactive measures to implement a security data pipeline to protect their data and comply with security and retention requirements.
In the blog titled “Streamline Endpoint Data with Cribl Pack for SentinelOne Cloud Funnel” we dove into the Cloud Funnel data, its relevance in the modern SOC, and how Cribl Stream transforms the data while addressing visibility gaps. We left the AWS-specific details to this blog for those not yet familiar with configuring AWS S3 buckets, SQS Queues, and Identity and Access Management (IAM).
Cribl empowers you to take control of your observability, telemetry, and security data. Wherever your data originates from, wherever your data needs to go, and whatever format your data needs to be in, Cribl gives you the freedom and flexibility to make choices instead of compromises. Addressing visibility gaps by ingesting more data sources as the threat surface continues to expand has been a challenge.
In today’s economic climate, IT and security budget owners are always looking for ways to increase efficiency while controlling costs. With tighter budgets and increasing workloads, organizations have to find ways of stretching their limited resources while making sure investments are paying off.
Enterprises are entering 2023 following an increase in large-scale cybersecurity attacks over the last several years — Colonial Pipeline, Solarwinds, and even Twitter have all been victims — but events like these are not just increasing in number and sophistication. The amount of money involved is enough to make your head spin.
You don’t often see real change, but when you do see it you know it. Artificial Intelligence/Machine Learning toolsets like ChatGPT are finally starting to offer broad capabilities that will benefit a mass audience. These tools are moving out of the domain of data scientists and math nerds and into mass markets with a little bit for everyone. The potential reach is awesome and a little scary.
The supercloud concept promises fewer accidental architectures and more cohesive cloud deployments with better manageability. Delivering on this vision requires a mix of vendor-agnostic tooling for performance monitoring and securing data.
Recently, a customer brought me a challenging use case: They were looking to enforce quotas on their internal customers, i.e. other teams in the organization. The analytics team provides services such as searching and reporting capabilities to those other teams, which subscribe to the services through a chargeback model. Each team that subscribes is supposed to limit its ingestion of data to a quota: a maximum permitted ingest per 24-hour period.
