Blogs
January 11, 2023 / May 25, 2023 by Dhiraj Sharan
Hello readers! In my last blog, we talked about Querying Cybersecurity Data Stored in S3. In that blog, we looked at file hashes from Cuba Ransomware. Querying for malware hashes is useful if you already have their checksums from your threat intelligence feed or other sources (like the CISA Alert in the last blog). […]
January 5, 2023 / May 26, 2023 by Dhiraj Sharan
Amazon S3 has been a common place for organizations to store their cybersecurity data. Often this is done for S3’s cost efficiency with long-term retention necessitated by compliance needs. In the best case, analysts don’t need to interact with this data regularly. But when a security incident requires investigating, let’s say one year of data, […]
December 6, 2022 / January 20, 2025 by Dhiraj Sharan
Data, in its most natural and original state, is all over. Talk to any cybersecurity analyst working the SOC and you will find that they are dealing with data all over: in multiple tools in the cloud, traditional on-prem, or in their vendors’ SaaS. This is true irrespective of whether it’s a 100-employee organization […]
June 28, 2022 / May 26, 2023 by Dhiraj Sharan
For the first time since the start of the pandemic, earlier this month, I had the opportunity to attend RSA 2022 in person. It was wonderful to reconnect with colleagues I had gone so long without seeing to discuss the current state of cybersecurity and future trends in the industry. From all my conversations with attendees and the […]
October 21, 2021 / June 15, 2023 by Dhiraj Sharan
Earlier this week, we were excited to announce our oversubscribed $15 million Series A round of financing, led by new investor SYN Ventures with participation from existing investors ClearSky Security and South Dakota Equity Partners. The funding further validates the market demand for our one-of-a-kind solution that gives companies full control of security investigations within a […]
June 30, 2021 / April 21, 2023 by Dhiraj Sharan
Today we are ecstatic to share that we have been recognized by Gartner as a Cool Vendor in Security Operations![1] The report recommends using “all available data sources to improve incident investigation and response, and threat hunting capabilities. A decentralized approach may be faster to implement, more efficient and more cost-effective compared with using a […]
December 2, 2020 / March 22, 2023 by Dhiraj Sharan
Introduction: Today’s most widely used security toolkit is OpenSSL, not only due to its licensing terms (including commercial use with no restrictions whatsoever) but also due to its plethora of facilities and building blocks we can use to build any sophisticated cryptosystem. It is also a rich learning tool, and despite its serious nature, […]
November 4, 2020 / April 21, 2023 by Dhiraj Sharan
Picture this – you are coming from a database background and getting into the world of IT monitoring or administration. While you are newly warming up to the Linux command line, you have to deal with Windows and Mac machines in your network. Add to that a bunch of Linux servers in your company’s data […]
September 30, 2020 / February 16, 2023 by Dhiraj Sharan
We talked about introductory OpenSSL in a previous blog, Dipping Our Toes into OpenSSL, which covered how it supports rich crypto-centric operations that are needed for all sorts of things in the security domain and even outside of it. Today, let’s take the next step and understand some of the crypto arithmetic behind it, without […]
September 16, 2020 / February 16, 2023 by Dhiraj Sharan
Socat — the tool of choice for proxies and networking pipes. In prior blogs, our team has written about tools like netcat, Nmap, and Zeek that network security engineers widely use. Security analysts and threat hunters use these tools to help with their daily tasks. So this time let’s talk about socat. Socat is the […]