BACKGROUND

AppsFlyer is a mobile attribution and marketing analytics company for marketers, ad agencies and app creators. Founded a decade ago, AppsFlyer today has over 12,000 customers worldwide, working with many of the leading brands around the world across all market segments. Born in the cloud, it uses infrastructure from AWS, and its security team primarily uses cloud-based apps and services. For security management they use a SIEM based on Elastic, and in terms of security products they primarily use EDR and monitoring tools. All of them are connected to Hunters SOC Platform, which seamlessly ingests all of their data.
AppsFlyer’s security team comprises four groups: GRC, security engineering, a dedicated team that develops internal security tools, and the security operations team, which is in charge of all monitoring and incident response.

Even though the team had a strong set of security tools in place, they were poorly connected and generated many alerts that were missing context, making incident response and mitigation cumbersome and inefficient.



APPSFLYER'S GOALS

  • Improve effectiveness of existing security tools
  • Maximize their SOC team's capabilities
  • Switch from a reactive defense mode to a proactive security approach
 
 
KEY CHALLENGES

  • Inability to unify alerts and events generated by point security solutions
  • Lack of context for alerts, requiring lengthy manual investigations
  • Reactive and alert-driven SOC management
  • Lack of visibility into complex attacks where attackers try to hide in plain sight
  • Decreased productivity due to manual processes and inability to prioritize alerts


The main value that Hunters provides me as a CISO is that it connects the dots across solutions. My teams now have better visibility of the issues that we have in our environment, and we can connect alerts to a bigger story. My team can now handle issues in a more efficient and accurate way than before.

Guy Flechter
Former CISO at AppsFlyer

01

Improved SOC efficiency

Hunters increased AppsFlyer's ability to mitigate incidents faster and more efficiently.

02

Fast time to value

It was a matter of minutes to deploy and start to see insights.

03

Automated event correlation

Hunters connected events and alerts from sparse sources into actionable Attack Stories.

04

Increased business agility

AppsFlyer saw faster and more effective detection of threats across existing systems.

05

Increased visibility

AppsFlyer achieved better visibility into the security environment, eliminating blind spots.

06

Expert help

Team Axon helped improve the incident response capabilities of their SOC.