Blogs
February 21, 2023 / July 11, 2023 by Dhiraj Sharan
Hello Readers!! Today, let’s talk about SOAR – Security Orchestration, Automation, and Response. SOAR attempts to address the cross-platform automation and response problem in enterprise security. The technology has been around for 5+ years now and is gaining adoption after its turbulent initial years. In Q4 2022, Query conducted a series of discovery interviews with […]
February 10, 2023 / May 25, 2023 by Dhiraj Sharan
Recently we gathered for a company all-hands in New Orleans. Since that event included a lot of recent hires, I shared the Query founding story with the team. It was a good time to look back, reflect, and discuss why we do what we do. That session with the team made me think, “why not […]
February 2, 2023 / May 25, 2023 by Dhiraj Sharan
Hello Readers! Today I wanted to share something very interesting that happened in Q4, 2022 at our company Query. We surveyed security professionals and found some major learnings that enabled me to write this blog. While the survey was broad, I will scope this blog to the top three investigation challenges that MDR customers face. […]
January 11, 2023 / May 25, 2023 by Dhiraj Sharan
Hello readers! In my last blog we talked about Querying Cybersecurity Data Stored in S3. In that blog we had looked at file hashes from Cuba Ransomware. Querying for malware hashes is useful if you already have their checksums from your threat intelligence feed or other sources (like the CISA Alert in the last blog). […]
January 5, 2023 / May 26, 2023 by Dhiraj Sharan
Amazon S3 has been a common place where organizations have stored their cybersecurity data. Often this is being done for S3’s cost efficiency with long-term retention necessitated by compliance needs. In the best case, analysts don’t need to interact with this data regularly. But when a security incident requires investigating, let’s say one year of data, […]
December 6, 2022 / October 29, 2024 by Dhiraj Sharan
Data, in its most natural and original state, is all over. Talk to any cybersecurity analyst working the SOC and you will find that they are dealing with data all over; in multiple tools in the cloud, traditional on-prem, or in their vendors’ SaaS. This is true irrespective of whether it’s a 100-employee organization […]
June 28, 2022 / May 26, 2023 by Dhiraj Sharan
For the first time since the start of the pandemic, earlier this month, I had the opportunity to attend RSA 2022 in-person. It was wonderful to reconnect with colleagues I had gone so long without seeing to discuss the current state of cybersecurity and future trends in the industry. From all my conversations with attendees and the […]
October 21, 2021 / June 15, 2023 by Dhiraj Sharan
Earlier this week, we were excited to announce our oversubscribed $15 million Series A round of financing, led by new investor SYN Ventures with participation from existing investors ClearSky Security and South Dakota Equity Partners. The funding further validates the market demand for our one-of-a-kind solution that gives companies full control of security investigations within a […]
June 30, 2021 / April 21, 2023 by Dhiraj Sharan
Today we are ecstatic to share that we have been recognized by Gartner as a Cool Vendor in Security Operations![1] The report recommends using, “all available data sources to improve incident investigation and response, and threat hunting capabilities. A decentralized approach may be faster to implement, more efficient and more cost-effective compared with using a […]
December 2, 2020 / March 22, 2023 by Dhiraj Sharan
Introduction Today’s most widely used security toolkit is OpenSSL, not only due to its licensing terms (including a commercial use with no restrictions whatsoever) but due to its rich plethora of facilities and building blocks we can use to build any sophisticated cryptosystem. It is also a rich learning tool, and despite its serious nature, […]