Videos Webinars
March 8, 2024 / March 28, 2024 by Query
Culture without the commute. Many — well most — technology organizations have adopted a remote-first approach. But how do you build camaraderie, create bonds, and effectively lead a team from across the globe? In this clip from our latest webinar, Matt Eberhart and Kevin Hanes discuss their strategies for creating a strong remote culture in […]
Blogs
March 5, 2024 / March 12, 2024 by Query
Amazon Athena for S3 Amazon Athena is a serverless analytics service on the Amazon Web Services (AWS) Cloud built upon Trino and Presto that allows you to perform interactive analysis and querying against data stored within Amazon Simple Storage Service (S3) buckets. Athena is able to work with several open-table formats such as AWS Glue […]
February 28, 2024 / March 12, 2024 by Query
Google BigQuery Google Cloud Platform (GCP) BigQuery is a fully-managed, serverless Enterprise Data Warehouse (EDW) that enables scalable analysis over large sets of data. You can execute SQL queries against massive datasets with rapid execution times. BigQuery handles the infrastructure, providing you with an analytics engine that can pull insights from data with minimal […]
Videos
February 26, 2024 / March 28, 2024 by Query
How long does it take you to add a new data source to your security infrastructure? Days? Weeks? Months? We just added one in about three minutes, and we weren’t even trying to hurry. What data could you unlock by having an Athena integration like this? Noisy network data like zScaler? Huge data producers like […]
February 22, 2024 / May 6, 2024 by Query
AWS Security Lake — VPC Flow Data via Security Lake Query’s integration with AWS VPC Flow Log via Security Lake data allows analysts to do the following: For example, the analyst could obtain the following context: To integrate AWS VPC Flow Logs, see integration documentation here. The integration will normalize data pulled from Security Lake […]
February 21, 2024 / March 28, 2024 by Query
What makes for an effective cybersecurity leader in 2024? Many companies and teams are still working remotely or in a hybrid model. And even those going into the office may find they are not working in person with others in their department. What do teams need to be effective? How can leaders navigate this environment […]
Newsroom
February 16, 2024 / February 26, 2024 by Query
February 13, 2024 / February 26, 2024 by Query
ServiceNow is software for the SOC to manage incident workflow. While investigating incidents, analysts collaborate with each other using ServiceNow and capture results, actors and evidence, status, and progress information in the tool. Since it holds the organization’s incident history, ServiceNow also becomes a key data source that analysts need visibility into when they start […]
February 6, 2024 / February 26, 2024 by Query
WhoisXML API offers context for domain history. Integrating WhoisXML API with Query will allow analysts to include the following data in their search: Query’s connection to WhoisXML API can be easily enabled just by adding your API key in Query’s WhoisXML API connection configuration. See our integration documentation here. The integration is based on these […]
January 30, 2024 / January 31, 2024 by Query
Query’s integration with Auth0’s cloud identity management solution allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Auth0, see integration documentation here. The integration will normalize data pulled from Auth0 into Query’s OCSF based QDM (Query Data Model) which then enables cross-platform joins, compounding the analyst’s ability […]