Leading Financial Services Firm
Learn how a Leading Financial Services Firm gained 48% more Linux platform visibility with Anvilogic and Snowflake.
< 3 Weeks
To onboard Windows Event Logs and CrowdStrike FDR data
400+
Detections deployed and mapped to MITRE ATT&CK
48%
Increase in Linux platform coverage
+4TB/day
Of new data sources ingested into Snowflake
Challenges
- Lacked an understanding of detection posture
- Too much time spent on deploying and managing detections
- Considerable security gaps due to cost and resource issues in Splunk
The security operations center (SOC) of a leading financial services firm had considerable security gaps because it lacked visibility into its Windows Event Logs, CrowdStrike Falcon Data Replicator (FDR), and Linux platform data. The SOC could not spend any more money on Splunk and needed a cost-effective, scalable way to close its detection gaps and gain visibility into these sources while streamlining the detection engineering lifecycle.
Enter Anvilogic
Anvilogic helped this SOC team reduce its Splunk usage and cost by moving high-volume data sources into Snowflake. In less than three weeks, the SOC team onboarded Windows Event Logs, CrowdStrike FDR, and Linux platform data. With these additional data sources, the team deployed over 400 detections mapped to MITRE ATT&CK and increased its Linux visibility by 48%. With the decrease in Splunk cost and the increase in MITRE ATT&CK coverage, the SVP of Security Operations reinvested the savings into the team and into improved security controls so that the SOC operates as efficiently as possible.