Ability to mitigate incidents faster and more efficiently
AppsFlyer is a mobile attribution and marketing analytics company for marketers, ad agencies and app creators. Founded a decade ago, AppsFlyer today has over 12,000 customers worldwide, working with many of the leading brands around the world across all market segments. Born in the cloud, it uses infrastructure from AWS, and its security team primarily uses cloud-based apps and services. For security management they use a SIEM based on Elastic, and in terms of security products they primarily use EDR and monitoring tools. All of them are connected to Hunters XDR, which seamlessly ingests all of their data.
AppsFlyer’s security team comprises four different groups: the GRC, security engineering, a dedicated team to develop internal security tools, and the security operations team, which is in charge of all the monitoring and incident response.
AppsFlyer’s main goal was to scale up their SOC: putting the security tools they already had in place to better use, maximizing the capabilities of the team and switching from a reactive defense mode to a proactive security approach.
Even though the team had a strong set of security tools in place, they were poorly connected and generated many alerts that were missing context, making incident response and mitigation cumbersome and inefficient.
- Inability to unify alerts and events generated by point security solutions
- Lack of context for alerts, requiring manual, lengthy investigations
- Reactive and alert-driven SOC management
- Lack of visibility over complex attacks where attackers try to hide in plain sight
- Decreased productivity due to manual processes and inability to prioritize alerts
How Hunters Helped
Hunters XDR seamlessly connected to AppsFlyer’s data sources, and within minutes they could already enhance the visibility they had over the entire security environment. By connecting to all their existing security telemetry, and using context and threat intelligence to correlate sparse sources, alerts were now placed in context and connected to one another, leading to concrete Attack Stories that their SOC could act upon with high confidence. Alert handling and remediation of threats became more efficient, and they could devote more resources to proactive security activities.
“The main value that Hunters XDR provides me as a CISO is that it connects the dots across solutions. My teams now have better visibility of the issues that we have in our environment, and we can connect alerts to a bigger story. My team can now handle issues in a more efficient and accurate way than before.”
- Fast time to value; it took a matter of minutes to deploy and start seeing insights
- Connecting events and alerts from sparse sources into actionable Attack Stories
- Increased business agility with faster and more effective detection of threats across existing systems
- Achieving better visibility into the security environment, eliminating blind spots
- Extending the incident response capabilities of their SOC with Hunters’ expert services
AppsFlyer was founded over ten years ago with a mission to help marketers succeed. By empowering brands with a holistic view of every user journey across platforms, channels, and devices, AppsFlyer aims to be every marketer’s best friend. Today, they are the global attribution leader.