Crest Data addressed these challenges by developing a set of Cloud-to-Cloud (C2C) connectors that facilitate direct data ingestion into Sumo Logic. Simplifying the entire process, these connectors allowed users to collect data simply by sending authentication parameters through a user interface, totally eliminating the need to have a locally installed agent. Through built-in dashboards for analysis, real-time alerting, and automated troubleshooting events, Crest Data’s solution converts a manual, high-effort task into a simplified workflow that enhances security visibility, ensuring faster threat detection across diverse SaaS applications.

About the Customer

The customer is one of the leading global cybersecurity leaders that provides a robust cloud-native platform designed to protect endpoints, cloud workloads, identities, and data. Their mission is to empower organizations with comprehensive visibility and protection across their entire digital footprint.

Customer Challenge

The customer had to implement agent-based data connectors, which required locally installed agents to forward data to get it ingested into their analytics platform. This entire process was cumbersome and resource-intensive as technical teams were required to manually complete a variety of time-consuming tasks, such as pulling data from different applications through an API at specific polling intervals, renewing authentication tokens at specific intervals, and sorting the data to make calls prior to onboarding. The teams were spending considerable time and putting a lot of effort into these manual processes.

In the absence of a streamlined and direct ingestion method, the customer found it extremely hard to quickly detect threats through authentication log analysis or identify malicious user activity across a large number of SaaS applications. Consequently, the security operations and DevOps teams faced the problem of real-time visibility, significantly hampering their ability to accurately identify issues like failed authentication or deactivated multi-factor authentication across their infrastructure.

Proposed Solution

To mitigate challenges with manual data ingestion, Crest Data developed a suite of Cloud-to-Cloud (C2C) connectors that enable direct data ingestion. There’s no longer any need for locally installed agents, and it changes the data collection process into a UI-driven workflow.

Key features of the implemented solution include:

• Automated Data Management:

  Automatic handling of complex background tasks, such as calling APIs at specific polling intervals, refreshing authentication tokens, and sorting data for subsequent calls are handled by connectors.

• Built-in Analytics and Visualization:

  Customers can easily and directly analyze ingested data using pre-configured dashboards. The checkpoint mechanism eliminates the data duplication problem.

• Real-Time Alerting and Troubleshooting:

  Real-time email alerts provide a system that helps mitigate breaches or errors immediately. Additionally, it generates specific events that help administrators troubleshoot errors during data collection.

• Broad SaaS Integration:

  Crest Data developed connectors for a wide range of platforms, including Okta, Mimecast, Google Workspace, SentinelOne, and Microsoft Azure AD.

• Enhanced Security Context:

  Specific integrations, like Okta and Mimecast, allow for correlating authentication logs and email threats across multiple sources. Security teams can get deep insights into abnormal user behavior, failed multi-factor authentication, and advanced cross-source threats.

Outcome

The following are the outcomes of the implementation of the Cloud-to-Cloud (C2C) connectors that resulted in a more streamlined and efficient security operations workflow:

• Simplified Data Ingestion: The C2C connectors ensured easy and direct data ingestion with minimal configuration, thus alleviating the need for resource-intensive, agent-based collectors.
• Inclusive Data Insights: The customer can utilize built-in dashboards to quickly analyze collected data in real-time and gain actionable security insights.
• Proactive Incident Response: Real-time email alerts help security teams to reduce breaches or technical errors quickly upon detection.
• Enhanced Threat Detection: Correlating authentication logs across SaaS applications ensures faster identification of malicious user behavior and potential security threats.
• Improved Security Visibility: Security and DevOps teams gain comprehensive visibility into vital events like failed authentications and deactivated multi-factor authentication.
• Optimized Workflow Efficiency: Automated security workflows prioritize and contextualize threats, significantly reducing the manual workload for security analysts.
• Guaranteed Data Integrity: An in-build checkpoint mechanism promotes uniform data ingestion thus eliminating data duplication.

About Crest Data

Crest Data is a data and AI-first product engineering and technology solutions provider with deep expertise in cloud and AI, cybersecurity, observability, data analytics, and workflow automation. In this case study, Crest Data applied its integration and security automation capabilities to help the customer seamlessly transition from manual, agent-based data collection to a streamlined Cloud-to-Cloud (C2C) ingestion model by leveraging capabilities like automated API management, real-time incident alerting, and an advanced security visualization dashboard.

With 1,200+ experts and a track record of 5,500+ successful projects across 150+ global customers, and backed by strong partnerships with Google, AWS, Microsoft, Datadog, Dynatrace, ServiceNow, and NetApp, Crest Data delivers outcome-focused solutions that strengthen security, improve platform reliability, and enable sustainable digital growth.