Case Study: Multinational Oil and Gas Corporation achieves 90% faster cybersecurity threat detection with Cloudera

Streaming data with real-time analytics significantly improves cybersecurity detection and response time

A multinational oil and gas company needed a unified manufacturing data lake and real-time log analytics to consolidate refinery, sensor, historical and endpoint data. Relational systems and their initial single-application data lake couldn’t handle high-frequency data or flexible ingestion from Windows, Linux and edge devices, driving up licensing and infrastructure costs and limiting real-time alerting and cross-team visibility.

The company moved to a hybrid multi-cloud CDP on AWS platform—replacing EMR with Cloudera Data Engineering and Data Warehouse—and used NiFi, Apache MiNiFi and Kafka for high-speed ingestion, parsing and distribution. The new architecture ingests logs from 130,000 PCs globally in real time, cut mean time to detection from 70 to 7 minutes (90% faster), accelerated search by 55%, reduced logs by 60% (saving about $2M in licenses over five years) and lowered infrastructure costs ~30%, while enabling broader analytics and future plans to further reduce detection time with Apache Flink.