Blogs
February 10, 2023 / May 25, 2023 by Dhiraj Sharan
Recently we gathered for a company all-hands in New Orleans. Since that event included a lot of recent hires, I shared the Query founding story with the team. It was a good time to look back, reflect, and discuss why we do what we do. That session with the team made me think, “why not […]
February 2, 2023 / May 25, 2023 by Dhiraj Sharan
Hello Readers! Today I wanted to share something very interesting that happened in Q4, 2022 at our company Query. We surveyed security professionals and found some major learnings that enabled me to write this blog. While the survey was broad, I will scope this blog to the top three investigation challenges that MDR customers face. […]
January 11, 2023 / May 25, 2023 by Dhiraj Sharan
Hello readers! In my last blog we talked about Querying Cybersecurity Data Stored in S3. In that blog we had looked at file hashes from Cuba Ransomware. Querying for malware hashes is useful if you already have their checksums from your threat intelligence feed or other sources (like the CISA Alert in the last blog). […]
January 5, 2023 / May 26, 2023 by Dhiraj Sharan
Amazon S3 has become a common place for organizations to store their cybersecurity data. Often this is done for S3’s cost efficiency, with long-term retention necessitated by compliance needs. In the best case, analysts don’t need to interact with this data regularly. But when a security incident requires investigating, let’s say one year of data, […]
December 6, 2022 / September 8, 2023 by Dhiraj Sharan
Data, in its most natural and original state, is all over. Talk to any cybersecurity analyst working the SOC and you will find that they are dealing with data all over: in multiple tools in the cloud, traditional on-prem, or in their vendors’ SaaS. This is true irrespective of whether it’s a 100-employee organization […]
June 28, 2022 / May 26, 2023 by Dhiraj Sharan
For the first time since the start of the pandemic, earlier this month, I had the opportunity to attend RSA 2022 in person. It was wonderful to reconnect with colleagues I had gone so long without seeing to discuss the current state of cybersecurity and future trends in the industry. From all my conversations with attendees and the […]
October 21, 2021 / June 15, 2023 by Dhiraj Sharan
Earlier this week, we were excited to announce our oversubscribed $15 million Series A round of financing, led by new investor SYN Ventures with participation from existing investors ClearSky Security and South Dakota Equity Partners. The funding further validates the market demand for our one-of-a-kind solution that gives companies full control of security investigations within a […]
June 30, 2021 / April 21, 2023 by Dhiraj Sharan
Today we are ecstatic to share that we have been recognized by Gartner as a Cool Vendor in Security Operations![1] The report recommends using, “all available data sources to improve incident investigation and response, and threat hunting capabilities. A decentralized approach may be faster to implement, more efficient and more cost-effective compared with using a […]
December 2, 2020 / March 22, 2023 by Dhiraj Sharan
Introduction: Today’s most widely used security toolkit is OpenSSL, not only due to its licensing terms (including a commercial use with no restrictions whatsoever) but due to its rich plethora of facilities and building blocks we can use to build any sophisticated cryptosystem. It is also a rich learning tool, and despite its serious nature, […]
November 4, 2020 / April 21, 2023 by Dhiraj Sharan
Picture this – you are coming from a database background and getting into the world of IT monitoring or administration. While you are newly warming up to the Linux command line, you have to deal with Windows and Mac machines in your network. Add to that a bunch of Linux servers in your company’s data […]