Case Study

FINRA Levels Up their Data Game without a Steep Learning Curve

Highlights

“WE PLAN TO LEVERAGE CRIBL TO DEMOCRATIZE DATA PARSING BY OTHER GROUPS IN THE ORG, SO WE CAN TELL THOSE TEAMS, ‘ANY DATA YOU WANT TO SEND, ANYWHERE TO ANYWHERE – WE CAN SET YOU UP TO ACHIEVE.’”

SIDDHARTHA DADANA,
DIRECTOR OF INFORMATION SECURITY ENGINEERING

FINRA (The Financial Industry Regulatory Agency) is a not-for-profit organization that regulates one critical part of the securities industry: brokerage firms doing business with the public in the United States. FINRA enables investors and firms to participate in the market with confidence by safeguarding its integrity.
Siddhartha Dadana’s Security Engineering team maintains security platforms across all of FINRA’s enterprise and is responsible for all aspects of managing the data generated by their apps and infrastructure: network, application, metrics, and security data. This is no mean feat – the flow into their analytics platform alone reaches 4TB a day. When they were asked to figure out a way to stream much of that data to multiple different locations to meet archiving requirements, Dadana recalled a demo he’d seen a few months back and began an evaluation of Cribl Stream.

All of the Grownup Features, None of the Growing Pains

Right away, they were off to the races, getting the right data flowing to the right destinations, in the right formats – within just hours rather than the weeks or months that would otherwise have been needed.

“One of the primary things was how easy it was to set up, install, deploy, to just do the basics right. We didn’t expect it to be this straightforward!”

Siddhartha Dadana
Director of Information Security Engineering
Once those basics were in place, Dadana’s team quickly moved on to the nice-to-haves. With Stream, they are enhancing VPC Flow logs as they arrive from AWS with dynamic, contextual lookups of IP address ownership. This erases the need to manually update Elastic Network Interface (ENI) mappings whenever something changes. This metadata gets added before the data is delivered for analysis – without increasing the cost or complexity of their environment.

“We probably would have had to spin up and maintain multiple tens of servers and compute processes to do this otherwise. Stream takes that load from my team.”

Siddhartha Dadana
Director of Information Security Engineering

Planning for a Smarter Machine

Now that Stream is delivering on what they needed, the team at FINRA is expanding their usage to drive greater innovation:

“When we first evaluated Stream, we were just trying to solve a single problem...but now we are starting to up the game in terms of what we can do.”

Siddhartha Dadana
Director of Information Security Engineering
The team is planning to leverage Stream’s real-time processing engine to identify and examine unusual behaviors inside and outside their network, using their own machine learning (ML) to model data traffic and define what’s “normal” based on the huge volumes of data they see.

Empowering Other Teams

Many teams at FINRA work with high volumes of data, and Dadana wants them all to have access to the analytics tools they want to use without the hassle that typically goes along with supporting an array of different formats and destination requirements. The solution? Stream makes it so easy to onboard new data that they’re moving toward a self-service environment.

“We plan to leverage Cribl to democratize data parsing by other groups in the org, so we can tell those teams, ‘Any data you want to send, anywhere to anywhere – we can set you up to achieve that goal.’”

Siddhartha Dadana
Director of Information Security Engineering
Find out how your business can implement an observability pipeline to route, restructure, and enrich data in flight, while cutting costs and simplifying operations. Get Cribl, and take control of your data.

About Cribl

Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit www.cribl.io or our LinkedIn, Twitter, or Slack community.
