Blogs

		[{"id":4759,"link":"https:\/\/www.query.ai\/resources\/blogs\/product-release-detection-coverage\/","name":"product-release-detection-coverage","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/01\/Fed-Detections-32.png","alt":""},"title":"Product Release: Detection Coverage for Distributed Security Data","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Jan 28, 2026","dateGMT":"2026-01-28 18:56:34","modifiedDate":"2026-01-28 13:56:36","modifiedDateGMT":"2026-01-28 18:56:36","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":5,"sec":29},"status":"publish","content":"Most detection solutions have the same prerequisite: if you want to detect on it, you need to ingest it first."},{"id":4750,"link":"https:\/\/www.query.ai\/resources\/blogs\/siem-and-security-data-predictions-2026\/","name":"siem-and-security-data-predictions-2026","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/01\/Dhiraj-Predictions.png","alt":""},"title":"Five SIEM and Security Data Predictions for 2026","postMeta":[],"author":{"name":"Dhiraj Sharan","link":"https:\/\/www.query.ai\/resources\/author\/dhiraj\/"},"date":"Jan 26, 2026","dateGMT":"2026-01-26 22:03:31","modifiedDate":"2026-01-26 17:06:31","modifiedDateGMT":"2026-01-26 22:06:31","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":7,"sec":39},"status":"publish","content":"AI, SecDataOps, and federation are some of the primary forces that will continue to reshape security operations in the years"},{"id":4734,"link":"https:\/\/www.query.ai\/resources\/blogs\/security-data-is-distributed\/","name":"security-data-is-distributed","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/01\/Security-Data-is-Distributed-Blog-Header-Final.png","alt":""},"title":"Security Data Is Distributed. We Should Act Like It.","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Jan 14, 2026","dateGMT":"2026-01-15 01:03:23","modifiedDate":"2026-01-14 20:03:25","modifiedDateGMT":"2026-01-15 01:03:25","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":5,"sec":29},"status":"publish","content":"Security operations has always been a data game. Long before XDR, data lakes, or AI-assisted investigations, SOC teams were stitching"},{"id":4732,"link":"https:\/\/www.query.ai\/resources\/blogs\/journey-from-federated-search-to-knowledge\/","name":"journey-from-federated-search-to-knowledge","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/01\/image-8.png","alt":""},"title":"Journey from Federated Search to Knowledge: Centralize the knowledge, not the data","postMeta":[],"author":{"name":"Dhiraj Sharan","link":"https:\/\/www.query.ai\/resources\/author\/dhiraj\/"},"date":"Jan 12, 2026","dateGMT":"2026-01-13 00:32:11","modifiedDate":"2026-01-12 19:32:12","modifiedDateGMT":"2026-01-13 00:32:12","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":6,"sec":56},"status":"publish","content":"2026 has dawned. The holiday break gave me the chance to reflect on the journey we are on at Query"},{"id":4725,"link":"https:\/\/www.query.ai\/resources\/blogs\/query-2025-year-in-review\/","name":"query-2025-year-in-review","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2025\/12\/Query-Year-in-Review-BlogHeader.png","alt":""},"title":"Query 2025 Year in Review: Building the Security Data Mesh for Modern SecOps","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Dec 22, 2025","dateGMT":"2025-12-22 23:30:48","modifiedDate":"2025-12-22 18:41:13","modifiedDateGMT":"2025-12-22 23:41:13","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":6,"sec":54},"status":"publish","content":"2025 was an inflection point for how organizations think about security data. Security-relevant data volumes continued to grow across SIEMs,"},{"id":4710,"link":"https:\/\/www.query.ai\/resources\/blogs\/customer-success-story-how-this-enterprise-used-splunk-to-investigate-microsoft-sources-leveraging-query\/","name":"customer-success-story-how-this-enterprise-used-splunk-to-investigate-microsoft-sources-leveraging-query","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2025\/12\/SPLUNK-MSFT-QUERY-blog-header-final-scaled.png","alt":""},"title":"Customer Success Story: How this enterprise used Splunk to investigate Microsoft sources, leveraging Query","postMeta":[],"author":{"name":"Dhiraj Sharan","link":"https:\/\/www.query.ai\/resources\/author\/dhiraj\/"},"date":"Dec 17, 2025","dateGMT":"2025-12-18 03:05:53","modifiedDate":"2025-12-17 22:05:55","modifiedDateGMT":"2025-12-18 03:05:55","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":14,"sec":58},"status":"publish","content":"Introduction Security teams running large Microsoft-centric environments depend heavily on telemetry from Defender for Endpoint (MDE), Defender for Office 365,"},{"id":4694,"link":"https:\/\/www.query.ai\/resources\/blogs\/customer-success-story-investigating-using-archived-crowdstrike-telemetry-stored-in-amazon-s3\/","name":"customer-success-story-investigating-using-archived-crowdstrike-telemetry-stored-in-amazon-s3","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2025\/12\/SP-CRWD-AWS-Blog-scaled.png","alt":"Investigating using archived CrowdStrike telemetry stored in Amazon S3"},"title":"Customer Success Story: Investigating using archived CrowdStrike telemetry stored in Amazon S3","postMeta":[],"author":{"name":"Dhiraj Sharan","link":"https:\/\/www.query.ai\/resources\/author\/dhiraj\/"},"date":"Dec 15, 2025","dateGMT":"2025-12-15 22:25:22","modifiedDate":"2025-12-17 22:15:16","modifiedDateGMT":"2025-12-18 03:15:16","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":12,"sec":0},"status":"publish","content":"Introduction As organizations continue to rely on endpoint detection and response (EDR) tools like CrowdStrike Falcon for deep visibility into"},{"id":4683,"link":"https:\/\/www.query.ai\/resources\/blogs\/splunk-to-amazon-security-lake-customer-story\/","name":"splunk-to-amazon-security-lake-customer-story","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2025\/12\/2025-12-04_Splunk-SecLake-Transition.png","alt":"Splunk to Amazon Security Lake transition blog"},"title":"Customer Success Story: How This Enterprise Is Transitioning From Splunk to Amazon Security Lake Leveraging Query","postMeta":[],"author":{"name":"Dhiraj Sharan","link":"https:\/\/www.query.ai\/resources\/author\/dhiraj\/"},"date":"Dec 04, 2025","dateGMT":"2025-12-04 16:03:09","modifiedDate":"2025-12-04 11:03:11","modifiedDateGMT":"2025-12-04 16:03:11","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":16,"sec":15},"status":"publish","content":"Introduction In an era where cloud environments expand ever faster and security telemetry grows exponentially, enterprise security teams face a"},{"id":4646,"link":"https:\/\/www.query.ai\/resources\/blogs\/connect-splunk-and-crowdstrike-with-query-security-data-mesh\/","name":"connect-splunk-and-crowdstrike-with-query-security-data-mesh","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2025\/11\/2025-11-20_splunk-crowdstrike.png","alt":"query with splunk and crowdstrike header"},"title":"Customer Success Story: How One Enterprise Used Query to Connect Splunk & CrowdStrike, Reducing Costs & Avoiding 2TB of Daily Ingestion","postMeta":[],"author":{"name":"Matt Eberhart","link":"https:\/\/www.query.ai\/resources\/author\/matt\/"},"date":"Nov 20, 2025","dateGMT":"2025-11-20 15:53:48","modifiedDate":"2025-12-16 00:23:52","modifiedDateGMT":"2025-12-16 05:23:52","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":15,"sec":6},"status":"publish","content":"For years, security teams have faced an uncomfortable truth: the platforms they depend on to detect and respond to threats"}]