AmerisourceBergen is one of the world's largest pharmaceutical distributors. It is based in the United States and has over 150 offices in more than 50 countries. It was founded over 100 years ago and, as of 2019, is ranked #12 in the Fortune 500.
Given its size and prominence in the industry, the organization seeks to stay guarded at all times against information security threats from both external and internal actors. This means that it must sift through billions of events generated by a spectrum of network devices, endpoint solutions, and enterprise software. Collecting and aggregating these logs is a complex activity in itself; making them easily searchable and retrievable for investigation is a further challenge.