One of the most exciting things about bringing products to market at Cribl is seeing customers continually find new ways to leverage them to help solve their data challenges. I recently spoke to a customer who described Cribl as the foundation of their data management strategy and a key part of their post-acquisition data engineering process. Let’s take a deeper look into how Cribl can help.
Accelerate data engineering efforts post-acquisition to realize faster time to visibility, ease of integration with existing solutions and reduce the risk of gaps in security posture
During a merger or acquisition, the acquiring company needs to manage risk in several important areas like data protection, identity and access management, cyber threats, and compliance. It’s one thing to identify risk before a merger is finalized, or the probability of a breach occurring, and an entirely different challenge to integrate that new company into your standard security practices.
Data engineering efforts can often take a back seat to other key tasks post-merger or acquisition because there are many challenges to overcome. There is typically very little control over the existing technology footprint or tooling that exists in the acquired company. Therefore, you are forced to consume many different types of data, in completely different formats, and it may even be challenging to route the data properly. The security solutions in place can vary widely and you might have to contend with multiple SIEMs, XDR solutions, etc. Even with the same SIEM in place for both companies, it will be very time-consuming and challenging to integrate your data.
Cribl Stream really shines when it comes to data integration – it’s the Easy Button for onboarding, shaping, and routing data. Cribl Stream allows you to save pre-configured data pipelines and configurations to ensure the data is shaped and enriched properly, allowing you to make sure new data meets your current standards, and then send that data to the correct destinations. Decoupling data sources from destinations and having the control plane in the cloud makes this solution very quick and easy to implement, accelerating data engineering efforts and also providing repeatability in onboarding new companies to your existing security controls. With the data shaped and tagged properly, it can now be used by any of your downstream analytics solutions to apply automated responses and detections, consistent with the rest of your enterprise.
Another powerful capability of Cribl Stream is to route data to multiple destinations. The power of routing gives you the flexibility of forking the data to multiple security solutions on-premise or in the cloud. This powerful capability allows you to simplify your architecture and reduce the risk of migrating or consolidating solutions as you onboard acquired companies. A Cribl partner recently shared that they are able to reduce their typical integration time for acquisitions by a third for a key customer.
Cribl also enables you to send a full-fidelity copy of data to a data lake, allowing the acquiring company to easily meet compliance requirements in an affordable manner. Storing that data in a vendor-neutral format means that there is flexibility in how you can leverage historical data in the future depending on your needs.
As the acquiring organization assesses current capabilities and identifies gaps in coverage, Cribl Edge can help to get access to that data. For example, if data isn’t being collected from a particular type of endpoint, you can leverage Cribl Edge to forward that data to Cribl Stream or any other destination directly. In some cases, the acquired company may not have a SIEM solution in place and Edge can be deployed to quickly collect logs. It can also help ensure that you do not miss any data because it can perform data discovery and ensure we are capturing any logs being written, and not rely on someone giving you folders where the logs ‘should’ be stored.
Cribl Stream and Cribl Edge offer you full choice and control over your data. If you are ready to unlock radical choice and control, try Cribl’s free, hosted Stream or Edge Sandbox! I’d love to hear your feedback; after you run through the sandbox, connect with me on LinkedIn, or join our community Slack and let’s talk about your experience!
Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.
We offer free training, certifications, and a generous free usage plan across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started. We also offer a hands-on Sandbox for those interested in how companies globally leverage our products for their data challenges.