Blogs
March 26, 2024 / March 26, 2024 by Query
Microsoft Intune Utilizing Query’s integration with Microsoft’s GraphAPI, Query’s integration with Microsoft Intune allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Intune, see integration documentation here. The integration will normalize data pulled from Microsoft Intune, via the GraphAPI, into Query’s OCSF based QDM (Query Data […]
Read more »
March 12, 2024 / March 12, 2024 by Query
AWS Web Application Firewall V2 (Via Cloudwatch) AWS WAFv2 (Web Application Firewall Version 2) is a managed AWS service that protects web applications and Application Programming Interfaces (APIs) by monitoring HTTP and HTTPS requests to them and controlling access based on conditions such as forbidding certain paths, IP addresses, URI strings, payload sizes, headers, country […]
Videos Webinars
March 8, 2024 / March 28, 2024 by Query
Culture without the commute. Many — well most — technology organizations have adopted a remote-first approach. But how do you build camaraderie, create bonds, and effectively lead a team from across the globe? In this clip from our latest webinar, Matt Eberhart and Kevin Hanes discuss their strategies for creating a strong remote culture in […]
March 5, 2024 / March 12, 2024 by Query
Amazon Athena for S3 Amazon Athena is a serverless analytics service on the Amazon Web Services (AWS) Cloud built upon Trino and Presto that allows you to perform interactive analysis and querying against data stored within Amazon Simple Storage Service (S3) buckets. Athena is able to work with several open-table formats such as AWS Glue […]
February 28, 2024 / March 12, 2024 by Query
Google BigQuery Google Cloud Platform (GCP) BigQuery is a fully-managed, serverless Enterprise Data Warehouse (EDW) that enables scalable analysis over large sets of data. You can execute SQL queries against massive datasets with rapid execution times. BigQuery handles the infrastructure, providing you with a an analytics engine that can pull insights from data with minimal […]
Videos
February 26, 2024 / March 28, 2024 by Query
How long does it take you to add a new data source to your security infrastructure? Days? Weeks? Months? We just added one in about three minutes, and we weren’t even trying to hurry. What data could you unlock by having an Athena integration like this? Noisy network data like zScaler? Huge data producers like […]
February 22, 2024 / May 6, 2024 by Query
AWS Security Lake — VPC Flow Data via Security Lake Query’s integration with AWS VPC Flow Log via Security Lake data allows analysts to do the following: For example, the analyst could obtain the following context: To integrate AWS VPC Flow Logs, see integration documentation here. The integration will normalize data pulled from Security Lake […]
February 21, 2024 / March 28, 2024 by Query
What makes for an effective cybersecurity leader in 2024? Many companies and teams are still working remotely or in a hybrid model. And even those going into the office may find they are not working in person with others in their department. What do teams need to be effective? How can leaders navigate this environment […]
Newsroom
February 16, 2024 / February 26, 2024 by Query
February 13, 2024 / February 26, 2024 by Query
ServiceNow is software for the SOC to manage incident workflow. While investigating incidents, analysts collaborate with each other using ServiceNow and capture results, actors and evidence, status, and progress information in the tool. Since it holds the organization’s incident history, ServiceNow also becomes a key data source that analysts need visibility into when they start […]
