How Sophos modernizes data management with Cribl

Sophos protects more than 600,000 organizations and 100 million users across the globe with its wide array of cybersecurity products and services. But the company’s internal security team must ingest data from a wide array of sources to power their defenses to ensure Sophos is safe from cyberthreats.

Chris O'Brien is VP of Security Operations for Sophos, a global leader providing cybersecurity products and managed services. Chris and his team's job is to defend Sophos by identifying, mitigating and responding to cybersecurity incidents against the company and its products and services. A big part of doing that is sifting through terabytes of log and security telemetry from myriad sources daily to find malicious needles in the data haystack. 

And Cribl has allowed the team to efficiently process data through several different pipelines, making their work more cost-effective and allowing their analysts to spend their time where they can have the largest impact. When he joined the team, Chris found the team was already exploring Cribl Stream as a potential solution to their big data challenges. Initially skeptical, Chris asked his team to justify their decision. However, after seeing the proof-of-value (POV), he was convinced.