Case Studies

Our experiences define our identity

Sumo Logic

Crest Data Systems wrote multiple C2C connectors to get data into Sumo Logic. Users can collect data by providing the authentication parameters from the UI.


Crest Data Systems developed Elastic integrations for Security, Observability, and Enterprise Search use cases that help the user bring in, analyze, and correlate their logs across multiple platforms.


Crest Data Systems collaborated with Netskope to design and develop a horizontally scalable solution that was easy to deploy on customer premises.

Google Chronicle

Crest Data Systems helped Google adopt the Chronicle GOLD parser to standardize data onboarding for all log sources and the parsing approaches for massive amounts of data.

LinkedIn

Built various automated workflows using Azure DevOps-based CI/CD pipelines for the LinkedIn Information Security Team.

Datadog

Capture crucial metrics and get insights into the health and operation of the Dell EMC Isilon cluster to identify and resolve issues quickly.

The Crest engineering team helps maintain and evolve the tools to address the market’s ever-changing needs and expand their customer base.

Crest implemented a Category groups UI feature for the SonicWall Content Filter Service on firewalls. With groups, network activity can be mapped to a group by category.

This application has capabilities like scanning files and detecting malicious files from a given location.


We developed a number of closed and open-source Mission Control Plugins using the plugin framework across CASB, Threat Intel, EDR, VAPT, and Cloud solutions.

Significantly reduced the database management time for their customers, increasing Vertica's footprint on the market.

Crest developed TruStashes using the TruSTAR framework (third-party integrations).


Crest helped the Splunk Cloud operations team in creating the next-generation automation system at scale.


Crest built integrations of RiskIQ PassiveTotal into Splunk and provided a consistent user experience to enable monitoring from a single source for security teams.

Crest developed the QRadar App for IntSights, integrating IntSights’ Cyber Threat Intelligence and QRadar to rationalize the threat data and surface the targeted attacks which would otherwise be “noise”.

Crest developed Databricks notebooks to collect and parse AWS CloudTrail, AWS VPC logs and Syslog data from S3 buckets into the Databricks environment for further processing.

Built an integration between ServiceNow and the ACI platform so that the user can pull various IT assets and create relationships between the modules internally as well as with the ServiceNow CMDB table.


The Check Point ServiceNow application integrates with Security Operations, allowing security analysts to create Check Point Block List entries from observables determined to be malicious in ServiceNow security incidents.

Crest developed the Endgame application to fetch the alerts from the app at regular intervals and report them as NOW Incidents.

Illumio

Crest Data Systems ServiceNow experts helped implement ServiceNow CMDB as a single source of truth.


Crest helped the Check Point team achieve their goal by designing Adaptive Response actions in Splunk.

TruSTAR partnered with Crest to build an integration with IBM’s Resilient Systems that automatically sends incident information to TruSTAR and in turn enriches the security context for the incident.


The Symantec ATP team partnered with Crest to create playbooks for Phantom’s SOAR platform that provide out-of-the-box incident response actions and the flexibility to customize incident response to fit the end customer’s needs.

The Splunk app for Digital Shadows allows Splunk software administrators to collect incidents using modular inputs.


Crest built an app for Falcon Endpoint that reduces security incident exposure with automatic responses.


The Symantec ATP app provides various visualizations for Network, Endpoint and Email threat protection using Splunk.

NetApp

This app provides visibility into the health and performance of NetApp E-Series and EF-Series storage systems and lets the user track array, controller and volume performance.

Enhanced visibility into the cluster, including inventory, performance, and critical events, with detailed drill-downs and built-in correlation resulting in comprehensive analytics and faster problem resolution.

This app collects events, health scores and inventory data from the Application Policy Infrastructure Controller (APIC) to deliver centralized visibility.

Leading retailer gains competitive advantage by getting deep business insights while reducing Splunk Admin Costs by more than 50%.