Cribl puts your IT and Security data at the center of your data management strategy and provides a one-stop shop for analyzing, collecting, processing, and routing it all at any scale. Try the Cribl suite of products and start building your data engine today!
Learn more ›Evolving demands placed on IT and Security teams are driving a new architecture for how observability data is captured, curated, and queried. This new architecture provides flexibility and control while managing the costs of increasing data volumes.
Read white paper ›Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Learn more ›Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Learn more ›Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
Learn more ›Cribl Lake is a turnkey data lake solution that takes just minutes to get up and running — no data expertise needed. Leverage open formats, unified security with rich access controls, and central access to all IT and security data.
Learn more ›The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Learn more ›Cribl.Cloud Solution Brief
The fastest and easiest way to realize the value of an observability ecosystem.
Read Solution Brief ›Cribl Copilot gets your deployments up and running in minutes, not weeks or months.
Learn more ›AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Learn more ›Explore Cribl’s Solutions by Use Cases:
Explore Cribl’s Solutions by Integrations:
Explore Cribl’s Solutions by Industry:
September 25 | 10am PT / 1pm ET
Hold my beer: lessons from one team’s data pipeline journey
Register ›Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Read Customer Stories ›Sally Beauty Holdings
Sally Beauty Swaps LogStash and Syslog-ng with Cribl.Cloud for a Resilient Security and Observability Pipeline
Read Case Study ›Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Transform data management with Cribl, the Data Engine for IT and Security
Learn More ›Cribl Corporate Overview
Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Get the Guide ›Stay up to date on all things Cribl and observability.
Visit the Newsroom ›Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Meet our Leaders ›Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Learn More ›Whether you’re just getting started or scaling up, the Cribl for Startups program gives you the tools and resources your company needs to be successful at every stage.
Learn More ›Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
Talk to an Expert ›Case Study
“WHEN YOU DO GET A DATA BREACH, THE INCIDENT RESPONSE FOLKS NEED THE ABILITY TO TURN BACK THE CLOCK. THE REPLAY FEATURE WAS ALSO A VERY ATTRACTIVE CAPABILITY OF CRIBL STREAM.”
“WE WOULD HAVE BEEN SEVERELY HAMSTRUNG IN OUR ABILITY TO PROVIDE WORLD-CLASS CYBERSECURITY COVERAGE FOR OUR PREMIER CASINO WITHOUT CRIBL STREAM.”
“THERE WERE SO MANY ISSUES WITH OUR VENDORS THAT WE WOULD HAVE ACTUALLY INCREASED OUR RISK BY NOT BRINGING ON CRIBL STREAM. WE WOULD HAVE BEEN FORCED TO STAY WITH THEM AND RENEW FOR ANOTHER YEAR.”
Share:
This resort and conference center is a premier, upscale resort destination, bringing in over $1B annually. Because they are also a casino, their cybersecurity team faces very strict regulatory reporting responsibilities and an enormous amount of data to manage. They’ve leveraged Cribl to dramatically reduce their SIEM spend, route regulatory data to appropriate destinations, and build a fully functional CSOC in 60 days.
When the resort changed ownership in 2022, its cybersecurity team moved away from their existing MSSP to re-imagine their security architecture, tooling and partners, the Executive Director of Cyber Security: Strategy, Architecture & Engineering, knew that Cribl Stream would be a critical element of the transition.
“From my vantage point, Cribl Stream is one of the most important tools in the cyber tool chest. I’ve saved literally half a million dollars a year — they’re allowing me to control my own data and make better use of my other investments and tools that have nothing to do with Cribl.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
An Immediate Reduction in SIEM Spend
Inspired by an impending ownership transition, the Executive Director and his team resolved to shift their operational approach. They opted to move from a fully outsourced SOC model to a hybrid SOC, integrating an in-house tech stack with tier one MSSP support. To ensure the transition remained within budgetary constraints and presented a cost-effective solution, the team found it necessary to segregate high-value data intended for analysis and detection from the high-volume data needed for regulatory compliance. Recognizing Cribl’s pivotal role in achieving this objective, they determined that prospective vendors onboard with Cribl as a prerequisite.
To get started, they deployed Cribl Stream along with Packs from the Cribl Packs Dispensary to rapidly filter logs and normalize the data routing to their new Exabeam Fusion instance. Part of the Exabeam New-Scale SIEM™ product portfolio, Exabeam Fusion includes security log management, behavioral analytics, and automated threat detection, investigation, and response (TDIR).
“By using the out-of-the-box filters, we were able to take our data throughput from 1.2 TB down to 800 GB per day. After briefly working with the Cribl team, we got down to 450 GB daily. That process was fast — we recognized the benefits very quickly.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
Instead of just indiscriminately funneling syslog into their Exabeam Fusion, they worked directly with the Exabeam team, to send only the information needed to drive relevant detections. By normalizing and optimizing data across all of their sources, the resort’s team has saved money on data lake storage, while increasing the speed of reporting across the platform.
Ease of Compliance With Regulatory Bodies
Large reductions in data and improved performance are the norm for Cribl Stream users, but unexpected benefits are also very common. The Executive Director was pleasantly surprised when the opportunity presented itself to re-think solutions for complying with casino-related data regulation.
“The number one reason we wanted to use Cribl Stream was the ability to reduce the amount of data ingestion going into the SIEM. But it's more important than that — once we started to learn more about the product, we found that we were able to filter data off, specifically for regulatory reporting, instead of having to pump it into our SIEM.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
A Seamless Transition With Zero Loss of Cybersecurity Coverage
It took the Executive Director and his team 60 days from the time they kicked off implementation to stand up a fully functional SOC. Due to heavy industry regulations, they had to run simultaneous coverage during the transition from their old MSSP to the new MSSP.
“We had to have a seamless flick of the switch —Cribl allowed us to take 30 data feeds and fork them to both the new and old platform so that our existing MSSP could continue to provide the service that we were paying them for, while simultaneously allowing us the time and energy to completely stand up a fully operational, brand new architecture.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
Ultimately, the Executive Director mitigated the risk of data loss and maintained comprehensive coverage during the transition.
“We literally lost zero coverage. We actually gained capability.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
Saving on Costs and Engineering Time
Using Cribl Stream to migrate to a new hybrid MSSP model and the Exabeam product suite has created a snowball effect in terms of time and money saved. They were able to reduce their SIEM license, while limiting staff hours spent handling regulatory data, and focus those resources on taking on new initiatives to better service the business. The Executive Director believes that by providing new opportunities to his team–not keeping them mired in data onboarding and repetitive reporting–also helps to address the staff churn so often faced by security teams.
“When you're sitting in my seat or a CISO seat, you're very concerned with dollars and resource management. Any time you can get a 60% reduction in that bill, and keep your team engaged and challenged, you feel like you’re in control of your own destiny, and that really helps a lot.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
Top-Notch Support from Vendors
The resort’s new MSSP does a lot of QA and fidelity checks on the logs sent via Stream, so they’ve also learned a lot about Cribl along the way. The Executive Director describes the relationship between two of his most widely used partners:
“Cribl has always immediately helped out. Their expediency and willingness to work with our vendors to solve a very complex problem is unique. Whenever any issues arise, the support team at Cribl has been right there to work with us to help us out.”
Executive Director of Cyber Security: Strategy, Architecture & Engineering
Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit cribl.io or our LinkedIn, Twitter, or Slack community.
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?