Query, Author at Query

What SDO Enables and What It Does Not

February 5, 2026 / February 5, 2026 by Query | Leave a Comment

This white paper provides a practical guide to assessing security data operations and developing a phased strategy to build a scalable foundation for modern security operations and AI.

Query Introduces Federated Detections, Decoupling Detection Logic from Data Ingestion

January 28, 2026 / January 28, 2026 by Query | Leave a Comment

Building Security Data Lakehouse S3 Whitepaper thumbnail

Best Practices for Building & Running a Security Data Lake on Amazon S3

October 29, 2025 / October 29, 2025 by Query

This white paper explores how to map Amazon Application Load Balancer (ALB) access logs to the Open Cybersecurity Schema Framework (OCSF) to improve security analytics, visibility, and incident response...

Mapping ALB to OCSF white paper

Mapping Amazon Application Load Balancer Access Logs to the Open Cybersecurity Schema Framework (OCSF)

October 9, 2025 / October 9, 2025 by Query

This white paper explores how to map Amazon Application Load Balancer (ALB) access logs to the Open Cybersecurity Schema Framework (OCSF) to improve security analytics, visibility, and incident response...

OCSF Mapping white paper thumbnail

Definitive Guide to Open Cybersecurity Schema Framework (OCSF) Mapping

October 1, 2025 / October 1, 2025 by Query

Learn how to measure and optimize your cybersecurity investigation costs by quantifying your analysts' searches per investigation (ASPI)...

query security data pipelines white paper

Best Practices for Security Data Pipelines

August 14, 2025 / August 15, 2025 by Query

Learn how to measure and optimize your cybersecurity investigation costs by quantifying your analysts' searches per investigation (ASPI)...

query agents and pipelines blog

Query.ai Launches Agents and Data Pipelines to Cut Through Security Data Chaos

August 4, 2025 / August 4, 2025 by Query | Leave a Comment

secdataopscast episode 17 thumbnail

Videos Webinars

Security Operations in a Post-AI World

May 9, 2025 / May 9, 2025 by Query

Join Neal Bridges on this episode of SecDataOpsCast as he sits down with cybersecurity veteran Alan White, an 18-year Army signals officer turned Dell Secureworks, Digital 14, Mandiant & Google leader, to unpack “Security Operations in a Post-AI World.” Hear them discuss: How the explosion of dashboards and data sources has made SOC work more […]

query copilot for configure schema video thumbnail

Query CoPilot for Configure Schema

April 17, 2025 / April 17, 2025 by Query | Leave a Comment

Learn how to map Okta authentication events stored in Snowflake into the Open Cybersecurity Schema Framework using Query Copilot for Configure Schema. In this under‑5‑minute demo, Jonathan Rao shows you how to: Load a data sample from Snowflake in tabular or JSON view Use AI‑driven suggestions to classify event types and map fields (email, IP […]

SecDataOpsCast Fight Night thumbnail

Videos Webinars

SecDataOpsCast Fight Night — AI in the SOC

April 14, 2025 / April 14, 2025 by Query

Welcome to a special edition of the #SecDataOpsCast, where things are about to get real. In this no-holds-barred episode, host Neal Bridges brings together two powerhouse CISOs for a head-to-head debate on one of the hottest topics in cybersecurity today: AI in the Security Operations Center (SOC). 👥 Kyu Kwak – CISO at Pearson 👥 […]