Tarsal

In our wrap up for this webinar, David Seidman talks about the best thing you can do for your 2025 goals: - Figure out what you need to accomplish your mission 🚀 - Don’t spend the effort to build them when you can buy what you need 🛒 ❝ Figure out what you need. Buy what you can. Build only what you have to. ❞ 👏 👏 👏 Well said, David. Thank you so much for sharing your insights with us. We look forward to many more great conversations in the future. 👏 👏 👏 Tarsal friends, be sure you tell David how much you appreciated them taking the time to chat with us! So much great information and experience! 🙌

People often make comparisons between Tarsal and Cribl. David Seidman talks from a buyer perspective about the complimentary nature of our two systems. - Cribl makes a very full featured platform, but you have to spend effort setting it up - Cribl doesn’t do much out of the box 📦 - Tarsal, on the other hand, offers a turnkey solution 🔑 - It does one thing, very very well 🎯 - “I actually think they work well together…” They serve different needs - Tarsal is a faster time to value - Cribl for the complex things, Tarsal is the “simple thing, simple” ✅ Great way to put it!

Continuing with our discussion of SSPMs vs Tarsal, especially as it relates to D&R teams: - SSPM isn’t really a solution for D&R, they are more preventative - SSPMs are usually driven by prevention, not so much detection 👀 - Tarsal is about getting the logs you need for Detection and Response What are some ways you see using SSPMs in addition to Tarsal as complementary tools? 🤝

Another comparison of SSPMs (and SIEMs) vs Tarsal: ⚖️ - The more you rely on a given SSPM or SIEM, the more you are 🔐 locked 🔐 into that vendor - It’s already challenging to migrate, but that makes it harder - Vendors know this and price accordingly 💰 💰 🚀 Instead, work with a pipeline that let’s you put your logs wherever you need them, whenever you wish! 🚀

We get asked all the time about how SaaS Security Posture Management products compare to the world of Tarsal. 🤔 David Seidman talks about this from the buyer / customer perspective. 💡 - SSPMs are focused on the most common services, or on a particular vertical - 🧩 SSPMs can HELP, but they aren’t usually a complete solution 🧩 Want to know more about SSPMs and Tarsal? Stay tuned for tomorrow’s webinar clip! 🗓️

Some say “writing log ingestion isn’t that hard…” and sometimes it’s not. But there’s also the issue of maintainability. DIY ingestion has a very high ongoing cost. 💸 💸 - Don’t forget to account for the maintenance cost 🛠️ - Teams will get through their backlog 📋 and then find half of the things have changed or there are updates - And now they are in a maintenance mode - That is if they are lucky enough to notice it in the first place, rather than finding out in the middle of an incident 🚨 That’s what Tarsal is all about. Let us worry about the connectors, you concentrate on security.

🛠️ Sunny Rekhi talks about the tremendous benefits of Tarsal when it comes to connector maintenance.  🛠️ - There are Tarsal-like teams in many SecOps orgs - It also poses reliability issues - Our connector logic is reused across many customers - If a connector goes down, or the API changes, it’s literally our job to stay on top of this - Everyone gets the improved connector - Countless stories of in-house integrations where something broke and they didn’t find out until an incident - ✅ “We give you this out of the box and you can focus on protecting your organization” ✅ 🤝🚀 Well said, Sunny! Join the growing community of organizations that benefit from never having to worry about maintaining connectors again. 🚀🤝

Closing out the Build vs. Buy highlights from David Seidman - building in-house connectors and pipelines can block the critical path. That’s absolutely no good. 🙅 🙅 🙅 - There’s a bunch of project management overhead ⛈️ - Most mature security programs block the launch of new SaaS until the logs are ingested - That means that ingestion is on the critical path to launch - 🛑 Building an in-house connector is a blocker 🛑 - It’s not value add - “It’s impacting your core business” 🙌✨ Done For You is better than Do It Yourself, in almost every case. 🙌✨

Announcing our partnership with Axiom today :) "Together, Axiom and Tarsal create a powerful platform for security insights. One that doesn’t force teams to choose between retention and cost. One that drastically reduces the complexity of working with diverse data sources. One that you can try risk-free today." Try out our one-click Axiom destination connector today!

Continuing the Build vs. Buy discussion from our last highlight, David Seidman talks about why DIY is a more expensive solution. 💰💰💰 - Security teams can spend more than 40 hours just BUILDING a single connector - That’s a lot, especially when you’re coming in with a big backlog - Then there’s maintenance and new platforms and connectivity to consider - “You’re never done with this even when you’re through your backlog” - “Generally I find this is a half to a full SWE … hundreds of thousands of dollars.” - There’s so many formats and so many providers, and most of them, providing you logs isn’t their core business Luckily, providing you logs IS our core business! 🚀