This blog was originally published March 20, 2020 on humio.com. Humio is a CrowdStrike Company.

This week, John talks with Miguel Adams, a Security Engineer at a US government agency. Miguel shares his thoughts on why they chose Humio, and offers some suggestions for other agency personnel that are charged with keeping their infrastructure secure and resilient.

They use Humio to look for malicious activity, including indicators of compromise, adherence to policies, use of whitelisted ports and protocols, and behavior like lateral movement and elevation of privileges.

On a routine basis, we get indicators of compromise (IOCs), and we’re able to do that almost instantaneously with Humio. The return is within a matter of seconds or minutes, whereas before it took us half or day or more. – Miguel Adams, Government Agency Security Engineer

We discuss how budgets impact planning, and what Miguel is doing to make sure he has up-to-date tools and an experienced staff. He explains how with Humio he was able to increase the amount of data they ingest from 16 GB to 64 GB a day, with plans to double that in the next 4-5 months.

Tune in to the podcast to learn more about Miguel’s environment, and hear his tips on implementing and running Humio.