Blogs
May 29, 2024 / May 29, 2024 by Query
AWS Security Hub
AWS Security Hub is an AWS service that can automate security best practice checks, aggregate security alerts into a single place and format, and understand your overall security posture across all of your AWS accounts. Security Hub is a cloud security posture management (CSPM) service that performs security best practice checks, aggregates […]
Videos Webinars
May 17, 2024 / May 17, 2024 by Query
Join Query CISO Neal Bridges and VP – Distinguished Engineer Jonathan Rau as they explore the world of SecDataOps. What is it? Who should care about it? Wait, wasn’t it a throwaway joke?
May 15, 2024 / May 15, 2024 by Query
Amazon Security Lake – S3 Data Events Logs
Amazon Security Lake centralizes security data from cloud, on-premises, and custom sources into a data lake that’s stored in your AWS account. By integrating with Organizations, you can create a data lake that collects logs and events across your accounts. S3 is AWS’s cloud storage microservice that […]
Newsroom
May 9, 2024 / May 9, 2024 by Query
May 7, 2024 / May 7, 2024 by Query
Query is excited to announce that we’ve become an Amazon Security Lake Subscriber Partner. Amazon Security Lake is approaching its one-year anniversary of General Availability (GA). Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake. It also […]
AWS Security Lake – Wiz.io Cloud Native Application Protection Platform (CNAPP)
AWS Security Lake centralizes security data from cloud, on-premises, and custom sources into a data lake that’s stored in your AWS account. By integrating with Organizations, you can create a data lake that collects logs and events across your accounts. Wiz.io CNAPP is a […]
April 30, 2024 / May 1, 2024 by Query
SentinelOne Singularity Platform
Query’s integration with SentinelOne Singularity Platform allows analysts to do the following: For example, the analyst could obtain the following context: To integrate SentinelOne Singularity Platform, see integration documentation here. The integration will normalize data pulled from SentinelOne Singularity Platform into Query’s OCSF-based Query Data Model (QDM) which then enables cross-platform […]
April 10, 2024 / April 10, 2024 by Query
Microsoft Entra ID (formerly Azure AD) & Active Directory
Query’s integration with Microsoft Entra ID (formerly Azure AD) & Active Directory, utilizing Query’s integration with Microsoft’s GraphAPI, allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Entra ID (formerly Azure AD), see integration documentation here. The integration will normalize […]
April 3, 2024 / April 3, 2024 by Query
Microsoft Defender for Enterprise
Query’s integration with Microsoft Defender for Enterprise (MDE), utilizing Query’s integration with Microsoft’s GraphAPI, allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Intune, see integration documentation here. The integration will normalize data pulled from Microsoft Intune, via the GraphAPI, into Query’s […]
March 27, 2024 / April 2, 2024 by Query
For the last 20+ years, the infosec community has sought to analyze more security data in order to ferret out attackers earlier and more accurately. The result of these efforts is now data sprawl, with security teams inundated with data of all sorts. Thus, we need to get a better feel for how security teams handle […]