Case Studies
Enhancing Security Posture with Snowflake-powered Security Data Lake
NetScout Threat Intelligent App
The Splunk App for Netscout allows the user to gain the benefits of Netscout threat intelligence on Splunk data.
Netskope Cloud Exchange Case Study
Crest Data collaborated with Netskope to design and develop a horizontally scalable solution that was easy to deploy on customer premises.
Google Chronicle GOLD Parser
Crest Data helped Google adopt the Chronicle GOLD parser to standardize data onboarding for all log sources and the parsing approaches for massive amounts of data.
IBM QRadar + IntSights TIP: Getting ahead of the Adversaries
Crest developed the QRadar App for IntSights, integrating IntSights' Cyber Threat Intelligence with QRadar to rationalize the threat data and surface the targeted attacks that would otherwise be “noise”.
Mission Control Plugins
We developed a number of closed and open-source Mission Control Plugins using the plugin framework across CASB, Threat Intel, EDR, VAPT, and Cloud solutions.
Databricks: Splunk Integration for Security Use Cases
Crest developed Databricks notebooks to collect and parse AWS CloudTrail, AWS VPC logs and Syslog data from S3 buckets into the Databricks environment for further processing.
Check Point Integration with ServiceNow SecOps
The Check Point ServiceNow application integrates with Security Operations, allowing security analysts to create Check Point Block List entries from observables determined to be malicious in ServiceNow security incidents.
Endgame Integration with ServiceNow
Crest developed the Endgame application to fetch the alerts from the app at regular intervals and report them as NOW Incidents.
Illumio integration with ServiceNow CMDB
Crest Data ServiceNow Experts helped implement ServiceNow CMDB as a single source of truth.
Check Point Adaptive Response Integration
Crest helped the Check Point team achieve their goal by designing Adaptive Response actions in Splunk.
Elastic Case Study
Crest Data developed Elastic integrations for Security, Observability, and Enterprise Search use cases that help the user bring, analyze and correlate their logs across multiple platforms.
Google Chronicle Ingestion Scripts
The Google Chronicle Ingestion Scripts enable customers to ingest security telemetry data from various platforms/sources into Chronicle.
TruSTAR Integration with IBM Resilient
TruSTAR partnered with Crest to build an integration with IBM’s Resilient Systems that automatically sends Incident information to TruSTAR and in turn enriches security context for the Incident.
Symantec ATP App
The Symantec ATP app provides various visualizations for Network, Endpoint and Email threat protection using Splunk.
Digital Shadows App
The Splunk app for Digital Shadows allows Splunk software administrators to collect incidents using modular inputs.
Sumo Logic Cloud Connectors
Crest Data wrote multiple C2C connectors to get data into Sumo Logic. Users can collect data by providing the authentication parameters from the UI.
Silver Parsers for Cybereason
The Crest Data team developed standardized parsers for the Cybereason XDR platform to enable swift adoption.
Splunk Professional Services for Retailer
Leading retailer gains competitive advantage by getting deep business insights while reducing Splunk Admin Costs by more than 50%.