
The Hoot - Episode 19 - Humio with Miguel Adams, Government Agency Security Engineer

How this agency uses Humio to keep their infrastructure secure and resilient

March 20th, 2020
John Porcaro

This week, John talks with Miguel Adams, a security engineer at a US government agency. Miguel shares his thoughts on why they chose Humio, and offers some suggestions for other agency personnel that are charged with keeping their infrastructure secure and resilient.


Miguel began investigating SIEMs when he couldn’t look for relevant data in a consistent and efficient manner — in a day or so. He chose Humio because it was very affordable, and they could deploy it quickly with the current staff that they had. They deployed Humio and were up and running in 2-3 hours.

They use Humio to look for malicious activity, including indicators of compromise, adherence to policies, use of whitelisted ports and protocols, and behavior like lateral movement and elevation of privileges. Miguel has a competent and supportive team that is well-versed in the foundation of how integrated systems work, and relies on their ability to know how all endpoints communicate together, and across the network.

On a routine basis, we get indicators of compromise (IOCs), and we’re able to do that almost instantaneously with Humio. The return is within a matter of seconds or minutes, whereas before it took us half a day or more.

Miguel Adams, Government Agency Security Engineer

We discuss how budgets impact planning, and what Miguel is doing to make sure he has up-to-date tools and an experienced staff. He explains how he was able to increase the amount of data they ingest from 16 GB to 64 GB a day, with plans to double that in the next 4-5 months.

We’re entering an area where budgets are going to be tightening, and it’s going to be more difficult to get the resources we need. So I look for innovations. I look for technologies that deliver what we need at a low cost. Not just costs from the technology itself, but lifecycle costs, implementation, and other resources to manage and run the operation.

Miguel Adams, Government Agency Security Engineer

Tune in to the podcast to learn more about Miguel’s environment, and hear his tips on implementing and running Humio.

Subscribe to The Hoot Podcast or download the latest episode. The Hoot can also be found on Spotify, SoundCloud, Google Play, iTunes, RSS, or wherever you get your latest podcasts.