How Malwarebytes Cut Time-To-Resolution with Logz.io

About Malwarebytes

Malwarebytes is the next-gen cybersecurity company trusted by millions worldwide. Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions.

The company’s flagship product combines advanced heuristic threat detection with signature-less technologies to detect and stop a cyber attack before damage occurs. More than 10,000 businesses worldwide use, trust, and recommend Malwarebytes. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia, and has a global team of threat researchers and security experts.

Using ELK at Malwarebytes

The engineering teams at Malwarebytes were using ELK deployments to log the company’s backend Ruby, Golang, and JavaScript applications. The team’s main use case was visualizing the growing volume of logs generated by these applications, a requirement that Kibana met perfectly.

The parsing challenge

The main challenge Malwarebytes faced was parsing and enriching the various types of log data generated by its high-volume applications. The company could no longer spend time and resources training developers across the various engineering teams to parse and massage the logs. As a result, Malwarebytes began seeking a different logging solution.

“Logz.io directly impacted our time-to-resolution by enabling us to quickly identify and troubleshoot issues.”
Shawn LoPresto, DevOps Manager

So, why Logz.io?

Other logging platforms were considered but disqualified for various reasons. Logz.io was chosen primarily because it allowed developers to continue using Kibana for visualizations and because it offered automatic parsing of the data shipped into the system. Pricing and ease of use were additional factors in the decision to go with the Logz.io log analysis platform.

Transitioning to Logz.io

With the help of Logz.io’s Support team, Malwarebytes’ transition was smooth and completed in under a week. Data is shipped to Logz.io via Filebeat; setup is handled either through ebextensions or through user_data passed to instances on launch.

The end result: all the engineering teams at Malwarebytes now use Logz.io for logging their applications. All in all, almost 50 users at Malwarebytes use Logz.io to ship an average of 100GB of data a day.

Cutting troubleshooting time

Looking back, Malwarebytes now assesses that adopting Logz.io greatly improved the speed at which developers are able to identify and resolve issues. Because the easy-to-use ELK-based platform takes care of the entire logging pipeline, from ingestion through parsing to indexing, developers can focus on creating and monitoring visualization dashboards for better and more effective analysis.
