Name: Supercharge Your SOAR Solution with Cribl LogStream
Start: 2021-12-16T16:00:00Z
End: 2021-12-16T16:00:32.000Z
Location: BrightTALK
Rating: 0

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl to analyze, collect, process, and route all IT and security data, delivering the choice, control, and flexibility required to adapt to their ever-changing needs. 

Interested in seeing first-hand how Cribl can support your use case? Sign up for Cribl.Cloud and process up to 1TB/day, for free! https://cribl.io/cribl-cloud/try-cribl-cloud/


During this module, Perry and Sri focus on harnessing the monitoring capabilities of edge systems to analyze service error logs and pinpoint the underlying cause of issues, all while retaining the ability to route and store them efficiently.

The Network Edge: Leveraging the Data

As a follow up to our webinar, "From Fragmentation to Liberation: Unleashing the Power of Unified Data Management', Jackie McGuire continues the conversation to explore the critical significance of a data-centric strategy to strengthen security measures, enhance cost-effectiveness and refine data governance protocols. Join us as we reveal the advantages of a customized data engine and the evolving challenges facing engineering and security teams during this surge in data volumes.

At Cribl, we believe YOUR DATA IS YOUR DATA and you should be able to access and explore all data anywhere, discover value in data that previously was unexplorable, and connect it all to any tool your organization needs. Join us to see how our suite of products can help you with your biggest data challenges.

Full-Throttle Data Management: Building a Data Engine to Power the Future

This module dives into the essence of Kubernetes and the pivotal role of edge visibility for administrators. We’ll discuss the necessity of a reliable system for collecting and organizing logs, metrics, and events in the complex landscape of container orchestration. Discover the significance of comprehending the data generated in a scaled Kubernetes environment. We will also explore performance monitoring to track CPU and memory usage by applications or containers.

Interested in diving deeper into this subject? Check out our blog for a comprehensive insight into the utilization of products like Cribl Edge. You’ll discover how it offers the visibility and management necessary for organizations aiming to harness the full potential of Kubernetes. https://cribl.io/blog/kubernetes-cribl-edge-because-logging-and-metrics-shouldnt-be-a-mystery-novel/

The Network Edge: Kubernetes Environments

This module dives into the complexities associated with monitoring Windows systems. The landscape of Windows observability presents intricate challenges due to the diverse array of services, applications, and workloads operating on individual hosts. Spanning from web servers to databases, Active Directory to DNS, messaging systems to custom applications, the Windows environment comprises an intricate network of interconnected components, each producing logs, metrics, and events crucial for performance analysis and issue diagnosis. Our aim is to provide guidance in deciphering the wealth of data generated and understanding its inherent value.

Interested in learning about the real-time collection and processing of observability data, including metrics and logs, from various endpoints such as Windows machines, applications, and microservices? Be sure to explore our blog for more information. https://cribl.io/blog/cribl-edge-and-windows-a-perfect-pair-for-observability/

The Network Edge: Windows Devices & Their Data

Discover insights from our panel of security experts as they dive into the intricate nuances of APIs, exploring their effectiveness as a security tool while shedding light on both their strengths and vulnerabilities in safeguarding digital assets and infrastructure.

Speakers: Jim Apger, Principal Technology Alliances Engineer, Ed Bailey, Principal Technical Evangelista and Jackie McGire, Sr. Market Strategist, Cribl

If You're API and You Know IT

Today's fragmented data strategies create costly silos, hindering visibility and collaboration. Absent a strategic plan, teams operate in isolation, optimizing for their own needs rather than a unified approach. This adds complexity to IT, compromises security, and makes it nearly impossible to gain a holistic view of your organization's data, which can have costly consequences; teams struggle to enforce compliance across incompatible data formats, analysts waste time wrangling data instead of gaining actionable insights, and the lack of control puts you at the mercy of vendor lock-in.

It's time for a revolution – a unified, open data management strategy that empowers all teams, regardless of their specific use cases. Imagine a world where data flows seamlessly, security is built-in, and you have full control of your most valuable asset.

Join this webinar to discover how next-generation data management delivers:

- Unified strategy: Break down data silos and enable cross-departmental insights.
- Choice: Full data access and control and open formats, regardless of tools or vendors.
- Control: Own your data and break free from vendor lock-in.

Why This Matters: This isn't just about data management; it's about empowering your teams, strengthening your security posture, enhancing your observability, and future-proofing your organization.

Unleashing the Power of Unified Data Management

Whether you have already deployed Microsoft Sentinel or are considering a migration in the near future, there are many questions and challenges that security teams face around scale, data management, and cost optimization to both deploy and continue a successful implementation.

Hear from Dan Whittingham, Security Solutions Architect at Rolls Royce, to learn how he and his team modernized their SIEM with cloud-native, AI-powered Microsoft Sentinel to accelerate threat detection and response, and overall tool & data management with the help of Cribl.

Join this webinar to learn how to:
- Modernize your security operations with Microsoft Sentinel, a comprehensive solution enriched by generative AI, to confidently protect your deployments efficiently and at scale.
- Take control of your security data and gain freedom from vendor and tool lock-in
- Make migrations and integrations easier with best practices and tips learned from your peers

Speakers: Desi Gavis-Hughson, Product Marketing Manager, Cribl; Dan Whittingham, Senior Security Solution Architect, Rolls Royce and di Lahav, Principal PM Manager | CxE Security – Microsoft Unified SIEM+XDR, Microsoft

Unveiling Rolls Royce's SIEM Transformation with Microsoft Sentinel and Cribl

This session is all about the world of centralized management of edge node information, where monitoring, managing, and configuring become seamlessly centralized through a visual console. Say goodbye to log onboarding challenges as Edge provides clarity on log paths, allowing admins to precisely identify logs on hosts and read file contents with ease. Join us to explore the possibilities that data unlocks in the realm of centralized edge management.

The Network Edge: Linux Servers & Their Data

This second module unlocks the power of seamless auto-discovery and observability data gathering right from its source. Streamline the process of automatically discovering, monitoring, and collecting metrics from hosts and containers, while efficiently capturing logs from running applications.  Edge is a must for Kubernetes coverage since it can be added as a daemonset instead of a sidecar, making it so much easier to collect data and Edge will scale as your K8 pod grows. Bid farewell to delayed data and the risk of drops due to queueing. Tune in to hear how you can experience a significant enhancement in usability, uncovering previously unnoticed data that enriches your telemetry coverage.

The Network Edge: Endpoints & Their Datasets

Tune in to hear the discussion between Ed Bailey and Perry Correll as they have a dive into a conversation all around the topic of Search -- the who, what, when, where, why and how to search your Observability and Security data.

O11Y Professor: Understanding Who's Looking for What and How

Something inside you hopes AI might help with your SecOps work. Isn’t that why you continue to enter chat prompts for security use cases? Join Cribl’s Edward Bailey and Monzy Merza, CEO of Crogl (formerly of Databricks, Splunk, and the US DOE), for a practitioner’s view on the future of SOC and security operations. We’ll share insights from our discussions with dozens of security teams and explore how AI’s use in the SOC is being envisioned - from accelerating triage and scaling team creativity to ensuring threat-sensitive compliance. We’ll discuss practical use cases and demonstrate working examples. Arm yourself with information for the next time you hear AI and security mentioned in the same conversation.

Leveraging AI for Enhanced Security Operations

This series will navigate through discussions on network edge devices, the data they generate, the agents employed for monitoring and data collection. Uncover the crucial importance of visibility at the edge and the value derived from selectively retrieving only the essential data. Tune into this series as we unravel the complexities of the network edge landscape.

Monitoring Data At The Network Edge: Why Data Visibility is Key

Federal agencies need more support to implement modern transformation strategies to help improve their ability to meet emerging threats. In this webinar, a panel of government and industry experts discuss the importance of agency and CISA cooperation and information sharing to improve cyber resilience and data interoperability.

Mission Driven Observability: Enhancing Security, Compliance, and Efficiency

Explore the journey to quicker response times and actionable insights in our webinar, Elevating Data Visibility for the Warfighter. Listen as Cribl and ClearShark discuss how to gain complete control over your data, offering choice and flexibility through the utilization of Cribl Stream to break down data silos.

Attendees will learn how to:

- Achieve best-in-class SIEM optimization and data utilization; reduce duplicate and redundant data analysis and reduce data processing and storage cost
- Monitor and control data sharing and access while improving and optimizing dissemination processes
- Onboard new data sources and route to multiple systems of analysis (SIEM, data lakes and cross domain solutions)
- Effectively address requirements of M-21-31
- Address the increased requirements of visibility and analytics, integration of cyber and intelligence data, and support a Zero Trust Security Framework

Enhancing Data Visibility for the Warfighter

Tune in to hear an important conversation between Cribl's Ed Bailey and Jackie McGuire, as they navigate the intricate balance of maximizing organizational value with a constrained budget. In today's challenging economic climate, where maintaining operations often means minimal to no additional spending, adaptive strategies become crucial. This is more than just a best-case scenario; it's a necessary approach for business resilience. Ed and Jackie will share innovative ideas and strategies to help leaders skillfully manage tight budgets while delivering significant value to their organizations.

Delivering Value with a Flat Budget

What happens on the endpoint doesn’t stay on the endpoint. To effectively defend against advanced threats and lateral movement, you need visibility beyond individual devices. By using Cribl’s enrichment and routing capabilities to combine Corelight’s comprehensive network telemetry with your EDR telemetry, you can gain comprehensive visibility of what happens on and in between all of the devices on your network. Join this webinar to learn how the combined solution expands visibility, bolsters detection, and accelerates investigations while maintaining data fidelity. 

Attendees will learn how to:

• Consolidate IDS, PCAP, and other network sources to provide a single comprehensive source of network telemetry
• Correlate, enrich, and route both endpoint (EDR) and  network (NDR) data into your SIEM
• Enable real-time threat detection and seamless ingestion, normalization, and enrichment of security data into any SIEM

Unify Endpoint & Network Telemetry for any SIEM

The current economic landscape poses challenges for companies to sustain operations without being profitable or having a clear path to profitability. As a response, businesses are either merging with counterparts or becoming part of larger entities through acquisitions. In this evolving scenario, we'll delve into the ongoing transformations, discussing the implications for security and observability.

Navigating IT and Security Consolidation in 2024

Deploying new tools can be a challenging process for Operations and Security data teams. However, we recently released a reference architecture for Cribl Stream to streamline this process and reduce trial and error. During a live discussion, Cribl's Ed Bailey and SpyCloud's Ryan Sauder share a real-life example of how a long-time customer utilized this reference architecture to build a scalable deployment. Ryan will explain how this approach enabled SpyCloud to grow alongside its evolving needs, without requiring significant rework. The reference architecture also facilitated a repeatable data onboarding process, reducing administrative time and freeing up the team to focus on critical security and data analysis tasks.

How SpyCloud Architected its Cribl Stream Deployment

Most SecOps and SOAR teams struggle to manage complex logging at scale and respond to threats fast enough (they’re too busy grappling with manual processes!). Security orchestration, automation, and response (SOAR) platforms can help, enabling security teams to manage their operations from end-to-end and respond to cyber threats with speed and precision. When paired with Cribl LogStream, you can simplify data management and further streamline incident response (IR).

Join Cribl’s Ed Bailey, Brendan Dalpe, and Desi Gavis-Hughson an interactive demo, where they’ll:
• Discuss how SOAR solutions can automate and speed up a security response.
• Show how you can retrieve raw data automatically as part of IR, without putting additional strain on your team.
• Reveal ways to enrich and optimize security data, including using Amazon S3 to store more data affordably.
• Build an observability pipeline to trigger a response in any SOAR platform, saving team resources and adding value to your business.

Supercharge Your SOAR Solution with Cribl LogStream

DevOps

Information Security

IT Enterprise

IT Monitoring

Log Management

Network Security

SecOps

Security

SIEM

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

Get powerful marketing data and analytics insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the analytics that quantify your investments.

Data and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Supercharge Your SOAR Solution with Cribl LogStream

Presented by

About this talk

More from this channel