Case Study: Lookout reduces SIEM costs and improves incident response with Uptycs

A Security Solutions Leader in its Own Right, Lookout Relies on Uptycs for Workstation and AWS Infrastructure Security

Lookout, a security solutions leader protecting endpoints, apps, networks, and clouds, needed a better way to handle security alerts across its workstation and AWS environments. The company wanted clearer asset groupings to support incident response, better integration with its existing IRT workflow, and lower SIEM costs while improving alert quality. Lookout was already using Uptycs, but it had been underutilized and mainly used for compliance.

Lookout worked with Uptycs to map AWS metadata tags into matching asset groups, align alerts with the right services and on-call teams, and offload analysis from its ELK-based SIEM into Uptycs. Uptycs provided a single data model and deeper analytics, helping Lookout reduce noise, speed incident response, and cut SIEM storage and processing costs. The company reported significant ROI, faster mean-time-to-respond, and plans to move even more analysis into Uptycs to save additional ELK expense.

Lookout

Grant Kahn

Director, Security Intelligence Engineering