How Our Security Team Uses New Relic One for Prevention

In 2016, New Relic's Security team used New Relic Insights for monitoring security events, but by 2020, they revamped their approach due to changes in the New Relic platform, converting their dashboards into more flexible and user-friendly Nerdlets using the New Relic One SDK. The transition involved moving away from static queries to dynamic, customizable queries that allow for real-time filtering and data manipulation, enhancing their ability to monitor network traffic and identify security incidents. This new system relies on Network Telemetry Integration data and enables users to create and modify NRQL queries on the fly, which can then be used for alerts or dashboards. The team aims to evolve the platform into a full-fledged security information and event management system by adding pre-processing logic to logs for better correlation of events. The blog post, authored by Scott Cutler, a Senior Application Security Engineer at New Relic, includes code snippets for others to try this system and invites engagement through New Relic's Explorers Hub for further support and discussion.