Pondurance Customer Story
How an MDR increased speed of ingest and improved their security response with Humio’s streaming log management.
September 8th, 2020
Pondurance is a managed detection and response (MDR) organization that provides 24-hour security monitoring.
As part of monitoring, Pondurance ingests data from a variety of systems. Prior to using Humio, Pondurance used a system that relied on cloud-based services within AWS, Athena, and Snowflake. In that system, they were having trouble meeting their ingest rate goals. In order to capture data reliably, they were putting it into a message queue with delays. Add in costs of infrastructure and maintenance requirements and Pondurance was ready for a new option.
We previously managed a 40-node, index-based cluster with a hot-, warm-, cold-data architecture that was costly in terms of infrastructure costs as well as ongoing engineering maintenance. In our cost analysis, all index-based solutions had a steep curve in terms of costs, and the Humio cost-curve remained fairly flat.
CEO of Pondurance
To grow as a security provider, Pondurance realized they needed a tool that was both resilient on its own and enabled them to be resilient as well. They found both in Humio.
“We were thrilled to remove the burdens put on our engineering team, the attractive cost model, and then marry that with performance increases and a fully-functional set of query functions.”
Humio showed Pondurance responsiveness, adding support for S3 Bucket Storage just months after they discovered they needed it. Humio makes Pondurance more resilient as a team by providing the means to very quickly search a large amount of data. Humio’s index-free architecture makes it affordable for Pondurance to ingest all log data and conduct post-incident investigations.
“It’s impossible to detect an event you are unaware of. So logging as much as possible and having effective practices to normalize, search, and alert on activities is as proactive as you can get.”
Hear more about how Humio helped Pondurance prepare for unknown security challenges by joining our workshop on Thursday, September 10th - Optimize Threat Hunting and Incident Response.