| Industry | Driver | Company Size |
|---|---|---|
| Tech - Software | SOC 2 Compliance | 35 |
The Challenge
Erinapp needed an easy-to-use SIEM solution to monitor their AWS infrastructure and to meet SOC 2 compliance.
The Solution
With Blumira's easy-to-use, cloud-delivered SIEM platform, Erinapp was able to meet SOC 2 requirements while leveraging detection rules managed by Blumira, taking the burden off of their small team.
“Blumira has a startup-friendly pricing model and is easy to set up, use, and maintain, with no additional infrastructure required – it’s the only one on the market that meets those needs.”
COO
Erinapp
Founded in 2018, ERIN's employee referral and internal mobility software platform increases employee referral hires for non-desk and corporate employees by 5x and decreases turnover by 50%. With ERIN, employees can seamlessly track their employee referrals, track bonuses and rewards, earn points for activity, and share referral links on social media.
Seeking a SIEM For SOC 2 Compliance
As COO, Dave Hannan runs many teams – customer success, renewals, sales ops, and more – wearing many hats, including IT and information security. Erinapp was working through a SOC 2 (System and Organization Controls 2) audit, so they required a security information and event management (SIEM) system.
Requirement CC2.1: COSO Principle 13—The entity obtains or generates and uses relevant, quality information to support the functioning of internal control.
- Captures Internal and External Sources of Data—Information systems capture internal and external sources of data.
- Processes Relevant Data into Information—Information systems process and transform relevant data into information. (Source)
SOC 2 compliance covers five trust services criteria -- security, availability, processing integrity, confidentiality, and privacy. Certified public accountants acting as external auditors evaluate and verify compliance, producing reports that demonstrate an organization's ability to protect its clients' data.
A SIEM captures data from system sources, processes it, and turns the relevant parts into meaningful information, which helps organizations meet the SOC 2 CC2.1 requirement.
Dave, the main purchasing decision-maker, and his team spent the better part of a summer searching for a SIEM solution and trialing different products, including Splunk, Microsoft Sentinel, AlienVault, LogRhythm and more, but failed to get any of them operational.
The ease of use and flexible pricing model – annual contracts, priced per seat rather than by the volume of data collected – also appealed to Hannan when compared with other SIEM providers.
“We chose Blumira for its easy setup as the simplest SIEM solution available. We don’t have any in-house IT infrastructure and run a serverless setup on AWS. Many solutions we evaluated don’t have native integrations with our tech stack and require a log forwarder to run on a VM,” Hannan said.
Erinapp leverages Blumira’s native integration with AWS to continuously monitor their cloud infrastructure.
“Blumira has a startup-friendly pricing model and is easy to set up, use, and maintain, with no additional infrastructure required – it’s the only one on the market that meets those needs,” Hannan said.
Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts, workloads, and data stored in Amazon S3 for malicious activity and unauthorized behavior. Feeding GuardDuty findings into Blumira makes them actionable and easy to aggregate across multiple AWS accounts.
“We use AWS and GuardDuty, but what’s the point of logging if no one has the time to review those logs consistently?” Hannan said. “Blumira flags numerous events in AWS and, for example, when a new IAM role is created or modified, we immediately receive an alert. This allows us to quickly investigate whether it was intentional or not.”
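The IAM role alert Hannan describes, and the cross-account GuardDuty aggregation mentioned above, come down to a small detection condition over CloudTrail records plus a severity roll-up over GuardDuty findings. The following is an added example written for this page, not Blumira's detection logic or any Erinapp code: the CloudTrail records and GuardDuty findings are constructed (their field names follow the real AWS schemas), and the set of IAM calls treated as a "role change" is this example's own choice.

```python
"""Added example, not Blumira's detection code: flag IAM role changes in
CloudTrail records and roll up GuardDuty findings per account and severity.
Every sample event below is constructed for illustration."""
import json
from collections import defaultdict

# IAM API calls that create a role, change what it may do, or change who may
# assume it. The set is this example's own choice, not a Blumira rule.
ROLE_CHANGE_EVENTS = {
    "CreateRole", "DeleteRole", "UpdateRole", "UpdateAssumeRolePolicy",
    "AttachRolePolicy", "DetachRolePolicy", "PutRolePolicy", "DeleteRolePolicy",
}


def iam_role_alerts(records):
    """Return one alert per CloudTrail record that created or modified an IAM role.

    Failed calls (errorCode present) are kept and marked rather than dropped:
    repeated AccessDenied on AttachRolePolicy is an escalation attempt worth seeing.
    """
    alerts = []
    for rec in records:
        if rec.get("eventSource") != "iam.amazonaws.com":
            continue
        if rec.get("eventName") not in ROLE_CHANGE_EVENTS:
            continue  # read-only IAM calls such as GetRole are not alerted on
        actor = rec.get("userIdentity", {})
        params = rec.get("requestParameters") or {}
        alerts.append({
            "time": rec.get("eventTime"),
            "account": rec.get("recipientAccountId"),
            "action": rec["eventName"],
            "role": params.get("roleName"),
            "policy": params.get("policyArn") or params.get("policyName"),
            "actor": actor.get("arn") or actor.get("type"),
            "source_ip": rec.get("sourceIPAddress"),
            "succeeded": "errorCode" not in rec,
        })
    return alerts


def guardduty_band(severity):
    """GuardDuty severity runs 0.1-8.9; AWS bands it Low (1-3.9), Medium (4-6.9), High (7-8.9)."""
    if severity >= 7.0:
        return "High"
    if severity >= 4.0:
        return "Medium"
    return "Low"


def guardduty_rollup(findings):
    """Count findings per account and severity band, so one view covers every account."""
    rollup = defaultdict(lambda: {"High": 0, "Medium": 0, "Low": 0})
    for finding in findings:
        rollup[finding["accountId"]][guardduty_band(finding["severity"])] += 1
    return dict(rollup)


# Constructed CloudTrail records: a role creation, a denied attempt to attach
# AdministratorAccess to it, a read-only GetRole, and an unrelated EC2 call.
SAMPLE_CLOUDTRAIL = [
    {"eventTime": "2023-05-01T14:02:11Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateRole", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/dave"},
     "sourceIPAddress": "203.0.113.10",
     "requestParameters": {"roleName": "deploy-role"}},
    {"eventTime": "2023-05-01T14:05:40Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachRolePolicy", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/ci-runner/build-42"},
     "sourceIPAddress": "198.51.100.7", "errorCode": "AccessDenied",
     "requestParameters": {"roleName": "deploy-role",
                           "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}},
    {"eventTime": "2023-05-01T14:06:02Z", "eventSource": "iam.amazonaws.com",
     "eventName": "GetRole", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/dave"},
     "requestParameters": {"roleName": "deploy-role"}},
    {"eventTime": "2023-05-01T14:07:30Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "recipientAccountId": "111122223333",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/dave"}},
]

# Constructed GuardDuty findings from two accounts (only the fields used here).
SAMPLE_GUARDDUTY = [
    {"accountId": "111122223333", "severity": 8.0,
     "type": "UnauthorizedAccess:IAMUser/MaliciousIPCaller.Custom"},
    {"accountId": "111122223333", "severity": 2.0,
     "type": "Recon:EC2/PortProbeUnprotectedPort"},
    {"accountId": "444455556666", "severity": 5.0,
     "type": "CredentialAccess:IAMUser/AnomalousBehavior"},
]

if __name__ == "__main__":
    for alert in iam_role_alerts(SAMPLE_CLOUDTRAIL):
        print(json.dumps(alert))
    print(json.dumps(guardduty_rollup(SAMPLE_GUARDDUTY), indent=2))
```

In a real deployment the records would arrive from CloudTrail (via S3 or an EventBridge rule) and the findings from GuardDuty's delegated administrator account across the organization. The detection condition itself is small; what the customer story credits Blumira with is keeping the event list, parsers and severity handling current so a team without a full-time security engineer does not have to.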
The value Blumira provides for Erinapp is a platform that extends the reach of their small team by automating manual security tasks.
“I mostly love that Blumira maintains detection rules – unlike Splunk and Datadog, where once the trial is set up, you are left having to figure out what to do,” Hannan said. “That is difficult without a full-time team of engineers that know what to build and how to set it up.”
Behind the scenes, Blumira’s teams keep the platform updated and operating smoothly:
- Parsing and building new integrations – Our engineering team writes new parsers for integrations, maintains existing ones, and normalizes and standardizes data for threat analysis.
- Writing clear and useful documentation – Our CX team maintains easy-to-follow documentation to help IT teams with quick setup, detection tests, configuration and much more.
- Managing detections and threat hunting – Blumira’s Incident Detection Engineering team develops detection rules and does threat hunting at scale, automatically updating the platform.
- Keeping the platform reliable and scalable – Our engineers ensure reliability of the solution and maintain backend infrastructure so it runs without interruption on a daily basis.
- 24/7 responsive security support – Our responsive, experienced Security Operations (SecOps) team is on standby 24/7 for critical-priority issues.
“We like that we don’t have to worry about the maintenance of it; it’s there, we know it’s working, and we don’t have to spend a ton of time monitoring it,” Hannan said. “We have peace of mind knowing there’s a tool digging through our logs, looking for anomalies. It’s helpful for small companies that don’t have a full-time security person on staff.”
Thu Pham
Thu has over 15 years of experience in the information security and technology industries. Prior to joining Blumira, she held both content and product marketing roles at Duo Security, leading go-to-market (GTM) and messaging for the portfolio solution Cisco Zero Trust. She holds a bachelor of science degree in...