Blogs
August 13, 2024 / September 10, 2024 by Query
Chief Information Security Officer for global companies sharing his expertise with the leading provider of federated search for security
Query, the federated search solution for security teams, today announced the addition of 20-year veteran Chief Security Officer/Chief Information Security Officer Spencer Mott to the Query advisory board. As a member of the advisory board, Mott […]
Videos Webinars
August 9, 2024 / August 9, 2024 by Query
Listen as Query CISO Neal Bridges and Pearson VP of Cybersecurity and combat veteran Jax Scott discuss topics ranging from critical subjects such as AI Security to tactical topics for industry professionals, like moving from mid-level management to Sr. Exec and establishing brand new BISO metrics.
July 31, 2024 / July 31, 2024 by Query
Databricks
Databricks is a multi-cloud Data Lakehouse platform that supports business intelligence (BI), data streaming, warehousing, data science, and security-relevant use cases. In their own words, Databricks describes the platform as: “the Databricks Data Intelligence Platform is built on lakehouse architecture, which combines the best elements of data lakes and data warehouses to help you reduce […]
Videos
July 29, 2024 / August 2, 2024 by Query
Watch how Query can speed up your cybersecurity investigations with true Federated Search for Security in this short overview.
July 23, 2024 / July 22, 2024 by Query
Azure Log Analytics
Azure Log Analytics is a time-series wide-column NoSQL-like logging service within the Azure Monitor ecosystem. Each workspace contains multiple tables organized into separated columns with multiple rows, defined by a set schema of columns that contains structured and semi-structured logging and event data. Logs and other data can be read from these […]
July 16, 2024 / July 16, 2024 by Query
Microsoft Sentinel
Microsoft Sentinel is a cloud-native Security Information & Event Management (SIEM) platform hosted on the Azure cloud that provides centralized alerting, orchestration, automation, and detection capabilities to support incident response, threat hunting, and investigations. Microsoft Sentinel has connectors to integrate with over 100 Microsoft and 3rd party sources to collect their data in […]
July 12, 2024 / July 12, 2024 by Query
Building a modern security team in today’s world requires special considerations — especially given how big the data challenges are today. Let’s dive into how you go about building a security team in a data-diverse world. Check out the fifth installment of the #SecDataOpsCast with Query CISO Neal Bridges and ALS Global Information Security […]
June 28, 2024 / June 28, 2024 by Query
Do you know how to find your Security Data??? Before being able to get to your super important data, we have to model it. No – not like modeling it on the catwalk…we have to map it to make it searchable. There are lots of ways to map security data, but about a year ago, […]
June 19, 2024 / June 19, 2024 by Query
Carbon Black Cloud Enterprise EDR
Query’s integration with Carbon Black Cloud Enterprise EDR allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Carbon Black Cloud Enterprise EDR, see integration documentation here. The integration will normalize data pulled from Carbon Black Cloud Enterprise EDR into Query’s OCSF based […]
June 14, 2024 / June 14, 2024 by Query
Did you hear…? Did you see…? Can you believe that happened?? Get Neal and Jon’s take on all things AWS re:Inforce on this week’s episode of the #SecDataOpsCast.