Blogs
May 7, 2024 / May 7, 2024 by Query
AWS Security Lake – Wiz.io Cloud Native Application Protection Platform (CNAPP) AWS Security Lake centralizes security data from cloud, on-premises, and custom sources into a data lake that’s stored in your AWS account. By integrating with Organizations, you can create a data lake that collects logs and events across your accounts. Wiz.io CNAPP is a […]
April 30, 2024 / May 1, 2024 by Query
SentinelOne Singularity Platform Query’s integration with SentinelOne Singularity Platform allows analysts to do the following: For example, the analyst could obtain the following context: To integrate SentinelOne Singularity Platform, see integration documentation here. The integration will normalize data pulled from SentinelOne Singularity Platform into Query’s OCSF based Query Data Model (QDM) which then enables cross-platform […]
April 10, 2024 / April 10, 2024 by Query
Microsoft Entra ID (formerly Azure AD) & Active Directory Query’s integration with Microsoft Entra ID (formerly Azure AD) & Active Directory, utilizing Query’s integration with Microsoft’s GraphAPI, allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Entra ID (formerly Azure AD), see integration documentation here. The integration will normalize […]
April 3, 2024 / April 3, 2024 by Query
Microsoft Defender for Enterprise Query’s integration with Microsoft Defender for Enterprise (MDE), utilizing Query’s integration with Microsoft’s GraphAPI, allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Intune, see integration documentation here. The integration will normalize data pulled from Microsoft Intune, via the GraphAPI, into Query’s […]
Videos Webinars
March 27, 2024 / April 2, 2024 by Query
For the last 20+ years, the infosec community has sought to analyze more security data in order to ferret out attackers earlier and more accurately. The result of these efforts is now data sprawl, with security teams inundated with data of all sorts. Thus, we need to get a better feel for how security teams handle […]
March 26, 2024 / March 26, 2024 by Query
Microsoft Intune Utilizing Query’s integration with Microsoft’s GraphAPI, Query’s integration with Microsoft Intune allows analysts to do the following: For example, the analyst could obtain the following context: To integrate Microsoft Intune, see integration documentation here. The integration will normalize data pulled from Microsoft Intune, via the GraphAPI, into Query’s OCSF based QDM (Query Data […]
March 12, 2024 / March 12, 2024 by Query
AWS Web Application Firewall V2 (Via CloudWatch) AWS WAFv2 (Web Application Firewall Version 2) is a managed AWS service that protects web applications and Application Programming Interfaces (APIs) by monitoring HTTP and HTTPS requests to them and controlling access based on conditions such as forbidding certain paths, IP addresses, URI strings, payload sizes, headers, country […]
March 8, 2024 / March 28, 2024 by Query
Culture without the commute. Many — well most — technology organizations have adopted a remote-first approach. But how do you build camaraderie, create bonds, and effectively lead a team from across the globe? In this clip from our latest webinar, Matt Eberhart and Kevin Hanes discuss their strategies for creating a strong remote culture in […]
March 5, 2024 / March 12, 2024 by Query
Amazon Athena for S3 Amazon Athena is a serverless analytics service on the Amazon Web Services (AWS) Cloud built upon Trino and Presto that allows you to perform interactive analysis and querying against data stored within Amazon Simple Storage Service (S3) buckets. Athena is able to work with several open-table formats such as AWS Glue […]
February 28, 2024 / March 12, 2024 by Query
Google BigQuery Google Cloud Platform (GCP) BigQuery is a fully managed, serverless Enterprise Data Warehouse (EDW) that enables scalable analysis over large sets of data. You can execute SQL queries against massive datasets with rapid execution times. BigQuery handles the infrastructure, providing you with an analytics engine that can pull insights from data with minimal […]