Blogs
October 15, 2025 / October 15, 2025 by Dhiraj Sharan
Security data is no longer confined to a single source or centralized SIEM. It’s dispersed across clouds, SaaS platforms, identity systems, EDR tools, and more. This decentralized landscape presents a challenge: how do you operationalize security when your data lives everywhere? The answer isn’t to move your data. Moving big data is expensive, burdensome, and […]
October 8, 2025 / October 9, 2025 by Dhiraj Sharan
Splunk users often ask how Query’s Federated Search compares to Splunk’s own Federated Search. The two sound similar, but they’re built for very different purposes. Here’s how to think about when (and how) to use each.
September 30, 2025 / September 30, 2025 by Dhiraj Sharan
Continuing with our fast pace of innovation, I am excited to announce the release of Query Splunk App 2.8, now available via Splunkbase! This release brings a host of capabilities for Splunk users to realize maximum value from the Query Security Data Mesh. Both new users and power users get more value and an easy, […]
September 23, 2025 / September 23, 2025 by Dhiraj Sharan
DNS is one of the highest-volume data sources. Yet security teams can’t ignore it, as it is a must-have source when investigating malware, C2 traffic and data exfiltration. Actively monitoring and investigating DNS in conjunction with other security data sources is a sign of a more advanced, mature security program. Today, let’s […]
September 4, 2025 / September 4, 2025 by Dhiraj Sharan
Investigating vulnerabilities is painful yet absolutely essential work that the security team does regularly. Doing it manually quickly becomes overwhelming, so teams typically integrate it into their SOC workflows. Let’s walk through such a scenario with a customer of ours and how they solved the problem with the Query Security Data Mesh, while staying […]
August 12, 2025 / August 15, 2025 by Dhiraj Sharan
A few days back, Microsoft made big news across the cybersecurity landscape: Sentinel now has a built-in Data Lake — a supposedly lower-cost, long-term storage tier designed to help security teams keep data longer. It’s Microsoft’s official entrance into the security data lake wars, joining a fast-moving space where Splunk, Cribl, Amazon Security Lake, Delta […]
July 2, 2025 / June 27, 2025 by Dhiraj Sharan
For modern security and risk management teams, compliance is no longer a quarterly checklist—it’s a continuous imperative. From HIPAA to PCI DSS, GDPR to SOX, security and compliance teams come under pressure to quickly produce evidence, prove controls are in place, and trace access or actions across their sprawling data. But here’s the dirty little […]
April 21, 2025 by Dhiraj Sharan
This is part III of a series exploring the concepts and potential of Federated Security. See more. Splunk has become the backbone of enterprise security operations, and for good reason. Its analytics, dashboards, and detection capabilities are among the most powerful in the industry. But there’s a fundamental architectural tradeoff that has become increasingly costly: […]
April 14, 2025 / June 17, 2025 by Dhiraj Sharan
The Query AI Origin Story. Today, the Query platform is synonymous with Federated Search, but why and how did we get here? As the founder, let me take you through my journey to Query. The early-stage startup journey involves understanding market problems and delivering innovative, game-changing solutions. My cybersecurity career began in 2001 at […]
April 9, 2025 / April 9, 2025 by Dhiraj Sharan
Extend Splunk Detection Capabilities with Query. Query is a patented Federated Search solution for security data that does NOT require additional centralization or transformation of the data. Query enables security teams to use data to get answers and make better decisions, faster. Acting as an API gateway, Query enables searching data where it resides without […]