The Cribl team just wrapped up the 2023 AWS Summit in Washington, DC, and we were thrilled to spend a few days chatting with public sector organizations looking to gain the freedom and flexibility our products offer. While DJ Chan Don set the mood as attendees walked in by playing memorable 90s hits like Paramore’s “Ain’t It Fun” and N’Sync’s “Bye Bye Bye” in the venue, the conference stayed engaging across the full two days for attendees and existing customers learning about the cutting-edge technologies to help them deliver on their mission-critical challenges.
Here are 3 of my key takeaways from the conference:
Public Sector Organizations Possess Substantial Untapped Potential When It Comes to Leveraging Cloud Technology for Positive Change – Especially When It Comes to Observability.
Vice President for AWS Worldwide Public Sector (WWPS) Max Peterson delivered an inspiring keynote address that provided insights into the potential of utilizing AWS solutions to achieve mission-critical objectives for public sector organizations. His speech established the overall tone for the event, encouraging attendees to delve into innovative AWS ecosystem solutions and harness cloud services’ vast capabilities.
We see this when it comes to observability: While log analytics and analysis solutions have come a long way, public sector organizations still need more flexibility on cost, formats, search speed, scale, and usability. Many tools and platforms make it difficult to send data to third-party analytics vendors—they want you to use their stack so they stay in control. The operational and security teams at the federal level encounter a predicament where they are burdened with data residing in costly cold storage systems. This data is stored in proprietary formats, necessitating a cumbersome manual procedure to defrost and restore it to its original format.
Moreover, considering the rapid surge in data volumes and the mounting requirements imposed by federal data and logging regulations, government agencies find themselves grappling with several challenges. They struggle to gain comprehensive insights into their data, regulate data sharing with other teams effectively, and cope with the escalating expenses associated with data storage.
Luckily, Cribl Stream offers a solution to combat this–giving federal organizations control over their data. Cribl offers a vendor-agnostic solution to data observability, giving customers agency over how data is collected, reduced, enriched, normalized, and routed. This control empowers customers to support an organization’s goals and initiatives focused on improving their data infrastructure’s security, performance, and flexibility.
Federal Agency Challenges Around Data Sharing and Storage Are Exacerbated by Increasing Data Volumes and Vendor Lock-In.
Lots of attendees came by the Cribl booth to share several of their challenges. Again and again, we heard customers share their difficulties with breaking down data silos and data governance. Cribl Stream can help unify data from a variety of sources into a single, centralized repository–giving greater flexibility to analyze data and identify trends and patterns. Also, the RBAC and audit logging capabilities enable administrators to enforce data governance policies by controlling who has access to data and how it can be used. These features help protect against unauthorized access and help organizations comply with M-21-31 requirements.
A quote from an engineer who visited our booth:
“Man! This looks so much [redacted] easier than NiFi!”
As Threats Evolve, OMB Mandates and Memorandums Aim to Help Agencies Improve Cybersecurity; Flexibility and Control Are Keys to Implementation and Compliance.
Public sector organizations turning to AWS for its flexibility, cost-effectiveness, and reliability often face the challenge of finding an observability solution that scales without breaking their budget. Cribl’s solutions were specifically designed to tackle this predicament.
During the Summit, Cribl’s Kam Amir, Director of Technical Alliances, took the stage in a Lightning Talk to discuss how public sector agencies can enhance their SIEM capabilities while ensuring compliance with the latest OMB mandates. Kam emphasized the issues faced by the customers, including the requirement to efficiently send events to SIEMs and other analytical workflows, collect DNS logs, and ensure each event log contains the necessary Minimum Logging Data.
Cybersecurity practices and workflows demand constant optimization in today’s rapidly evolving threat landscape. Cribl can enable agencies to comply with data enrichment and routing directives, allowing them to build robust cybersecurity frameworks. In his talk, Kam provided valuable insights on how Cribl Stream can support agencies to achieve best-in-class SIEM optimization and data reduction, all while effectively addressing the requirements of federal memo M-21-31.
Wrap up
The AWS Summit 2023 in Washington, DC, was an incredible few days of success. Kam’s presentation on optimizing SIEM and complying with OMB mandates struck a chord with attendees, while the lively atmosphere, combined with discussions on ZTA, created an enriching experience for all. Cribl Stream and Edge, designed to meet the unique challenges of observability, provided attendees with valuable insights and practical solutions.
Getting Started with Cribl for M-22-09
M-22-09 sets forth a Federal zero trust architecture strategy requiring agencies to meet specific cybersecurity standards and objectives by the end of FY2024, including encryption of all DNS requests and HTTP traffic in their environments and leveling practices on sensitive data monitoring, data categorization, and information sharing.
Are you wondering how in the world you’ll comply? Cribl streamlines encryption of high-volume requests and traffic, simplifies data categorization, and provides the processing capabilities needed to protect sensitive data and enable M-22-09 compliance.
Join us for our webinar on June 22nd, and we’ll show you how to:
Easily route data to multiple destinations via a data pipelining engine between data sources and destinations
Transform data into any format or protocol for secure sharing
Encrypt DNS requests and HTTP traffic, redact or mask sensitive data, and enrich logs with relevant categorization information