One of my favorite aspects of being a delegate at Tech Field Day events is learning about companies and/or products I was previously ignorant of. As such, with the eighth installment of Security Field Day kicking off in just over a week, I’m particularly looking forward to the presentations from Cribl and Swimlane.
Cribl, in my current understanding, wants to be the processor and traffic cop of your observability data. Whether that is syslog from a router or application performance metrics off a server, their goal is to ingest it all and only send what you’ve deemed relevant on to your analysis platform of choice. Depending upon needs, their platform looks like it may do all that some customers require. And given the high financial barrier to entry of the thousand-pound gorilla in the room with the witty shirts, reducing the volume of noise sent is a common goal. Cribl also offers a fairly generous free tier, which would be a good fit for a home lab or PoC, which I plan to take advantage of to learn more about the platform.
Playing in a different segment of the “You can’t secure what you don’t know about” game, Swimlane positions themselves as a low-code SOAR solution, though they seem to prefer the more straightforward term “security automation”. I’ve seen a couple other SOAR platforms demoed before and am interested in seeing what sets Swimlane apart.
Tune in next week starting at 0800 Pacific Time on November 16th to follow along with all the vendor presentations.