Upwork's security team significantly improves performance and decreases costs with Hunters

BACKGROUND

Upwork is a SaaS platform that allows people to find freelance work in any industry. They specialize in connecting clients with freelancers to afford enterprises more flexibility in their projects, and provide talented freelancers work opportunities.

Upwork’s Cyber Fusion Center is a 24/7 team of security analysts, threat hunters and cyber threat intelligence analysts dedicated to identifying, investigating, and mitigating threats to Upwork and its customers. Upwork's architecture utilizes industry standard cloud infrastructure, and the majority of their internal and third-party tools are cloud- or SaaS-based applications.

Running a global freelancing platform generates a lot of data, and the high data storage costs of their previous solution resulted in siloed data, poor visibility, and inefficiencies within the security team.

UPWORK'S GOALS

• Centralize security operations into a single platform 
• Increase effectiveness of security team by introducing automation into the threat detection investigation, and response workflow
• Reduce the cost of data storage and historical log retention

KEY CHALLENGES

• Lack of visibility within the environment due to siloed data sources
• Different systems being maintained by different teams, leading to duplicative work
• Inefficient SOC operations and a lack of coordination in investigations 

"Because of Hunters, Upwork has been able to remain threat focused. We've been able to pull away from being alert-focused, going through the daily repetitive task of looking at alerts, doing repetitive investigations. Generally speaking, it transformed the way that we do investigations."

Shawn Chakravarty
Director of Cyber Fusion Center