Blogs
August 3, 2025 / August 4, 2025 by Matt Eberhart
Working side-by-side with some of the most data-forward security teams in the world, I am excited to share that Query has built two new solutions: Query Agents and Query Security Data Pipelines. Both are available now in preview, and both are purpose-built to address the most common, and costly, challenges security teams face when it […]
June 25, 2025 / June 26, 2025 by Matt Eberhart
A shift is underway in the security platform and SIEM landscape, and it’s not just driven by vendor hype. As highlighted in the latest Forrester Wave for Security Analytics Platforms report, AI has become a key differentiator, not because of buzzwords, but because of its potential to meaningfully assist security teams. The daily work of […]
June 16, 2025 / June 17, 2025 by Matt Eberhart
The best defense against a bad guy with AI is a good guy with AI. That reads like a bumper sticker, but it’s a front-line reality in modern cybersecurity programs. AI has pushed us into a phase shift, one where the barrier to entry is falling fast, and the ceiling for impact is rising even […]
June 11, 2025 / June 10, 2025 by Matt Eberhart
Security operations has always been a data problem. The challenge today isn’t a lack of data—it’s that the data you need is spread across too many systems, locked behind too many interfaces, and too hard to use when it matters. Traditional SIEM architectures were designed in a different era, and they haven’t kept up. Most […]
June 10, 2025 / June 10, 2025 by Matt Eberhart
Overview: Security and observability teams evaluating Cribl are often focused on controlling data movement, optimizing storage costs, and building scalable pipelines. Cribl does this well. Projects often begin from a desire to reduce SIEM costs. But for security teams who need fast answers—not just better routing—Query solves a different problem. Cribl is helpful for managing […]
May 22, 2025 / May 22, 2025 by Matt Eberhart
When we started Query, we weren’t chasing buzzwords. We set out to solve a painful, persistent problem in security: how to get answers from the data you already have without needing to move it, centralize it, or rebuild pipelines every time your environment changed. We believed then, as we do now, that the right data […]
May 19, 2025 / May 19, 2025 by Matt Eberhart
A Familiar Pattern with a New Twist: Shadow IT was once an existential threat to enterprise security architecture. Employees and departments would adopt unsanctioned SaaS tools outside the purview of IT, creating blind spots and unmanaged risk. The industry responded with discovery tools, governance policies, and architectural patterns to bring these tools into the light. […]
May 8, 2025 / May 8, 2025 by Matt Eberhart
5 Reasons CISO’s Should Empower Teams to Use Amazon S3 for Security Data, Plus 2 You Might Not Expect. Introduction: Security leaders face a familiar, growing dilemma: they’re collecting more telemetry than ever, while budgets stay flat and analyst capacity remains constrained. The modern SOC must scale with data, not against it. The truth is, […]
April 29, 2025 / April 29, 2025 by Matt Eberhart
We’ve all heard the legend of the 10X developer. The engineer whose output and impact seem to exceed the work of ten others. It’s one of the great myths of software, and, like most good myths, it’s rooted in some truth. But what if the next generation of great software doesn’t start with the best […]
April 21, 2025 / April 21, 2025 by Matt Eberhart
This is part V of a series exploring the concepts and potential of Federated Security. See more. Federated Security is not a set of features, it’s a shift in how we think about turning more of the data we already have into a strategic advantage across security operations. It starts with a simple idea: instead […]