Blogs
July 31, 2024 / July 31, 2024 by Query | Leave a Comment
Databricks Databricks is a multi-cloud Data Lakehouse platform that supports business intelligence (BI), data streaming, warehousing, data science, and security-relevant use-cases. In their own words, Databricks describes the platform as: “the Databricks Data Intelligence Platform is built on lakehouse architecture, which combines the best elements of data lakes and data warehouses to help you reduce […]
Read more »
Videos
July 29, 2024 / August 2, 2024 by Query
Watch how Query can speed up your cybersecurity investigations with true Federated Search for Security in this short overview.
July 23, 2024 / July 22, 2024 by Query | Leave a Comment
Azure Log Analytics Azure Log Analytics is a time-series wide-column NoSQL-like logging service within the Azure Monitor ecosystem. Each workspace contains multiple tables organized into separated columns with multiple rows, defined by a set schema of columns that contains structured and semi-structured logging and event data. Logs and other data can be read from these […]
July 16, 2024 / July 16, 2024 by Query | Leave a Comment
Microsoft Sentinel Microsoft Sentinel is a cloud-native Security Information & Event Management (SIEM) platform hosted on the Azure cloud that provides centralized alerting, orchestration, automation, and detection capabilities to support incident response, threat hunting, and investigations. Microsoft Sentinel has connectors to integrate with over 100 Microsoft and 3rd party sources to collect their data in […]
Videos Webinars
July 12, 2024 / July 12, 2024 by Query
Building a modern security team in today’s world requires special considerations — especially given how big the data challenges are today. Lets dive into how you go about building a security team, in a data diverse world. Check out the fifth installment of the #SecDataOpsCast with Query CISO Neal Bridges and ALS Global Information Security […]
June 28, 2024 / June 28, 2024 by Query
Do you know how to find your Security Data??? Before being able to get to your super important data, we have to model it. No – not like modeling it on the catwalk…we have to map it to make it searchable. There are lots of ways to map security data, but about a year ago, […]
June 19, 2024 / June 19, 2024 by Query | Leave a Comment
Carbon Black Cloud Enterprise EDR Query’s integration with Carbon Black Cloud Enterprise EDR allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Carbon Black Cloud Enterprise EDR, see integration documentation here. The integration will normalize data pulled from Carbon Black Cloud Enterprise EDR into Query’s OCSF based […]
June 14, 2024 / June 14, 2024 by Query
Did you hear…? Did you see…? Can you believe that happened?? Get Neal and Jon’s take on all things AWS re:Inforce on this week’s episode of the #SecDataOpsCast.
Newsroom
June 10, 2024 / June 10, 2024 by Query | Leave a Comment
June 4, 2024 / June 4, 2024 by Query
For the second episode of the SecDataOps Cast, Neal and Jon dive into cloud security with diversions into data…lagoons? And tanks. Read the Transcript 00:00:14:17 – 00:00:35:47Neal BridgesGood morning, good afternoon. Good evening. I did have to look over there, make sure I did not have the microphone on mute today, which I do not. […]
