New Investment Will Advance Company Goal to Deliver Data Driven Answers to Security Teams
Atlanta, GA, September 25, 2024 — Query, a patented federated search solution for security data, today announced a strategic investment from Cisco Investments. The investment will drive the development and adoption of the Query federated search platform and Query Splunk app, advancing Query’s mission to equip security teams with data driven answers for faster, more informed decisions that reduce cybersecurity complexity.
“The best security teams run on data. Cisco Investments’ support affirms the value of our approach to turn data into a strategic advantage for cybersecurity operators,” says Query CEO, Matt Eberhart. “Security practitioners told us that they need data driven answers fast. Working with these users, we designed Query to solve the data challenges they face every day.”
Query customers report their security relevant data is growing by an estimated 40% per year and is widely dispersed across many enterprise systems, platforms, and technologies. On average, more than twenty manual pivots into different tools are required to conduct one security investigation. Query removes these pivots by providing a single answer from all connected data sources, resulting in faster and more complete investigations, threat hunts, and incident response. An AI-powered Query Copilot assists users with data summaries, recommended remediations, follow up actions, and more.
“Query’s federated search technology amplifies the value of security tools, such as SIEM and XDR, as well as other data sources, such as data lakes, for SOC analysts by providing data visibility closer to the source, enabling real-time security operations,” said Janey Hoe, Vice President, Cisco Investments. “Effective security operations require teams to answer questions quickly using data from many sources, without long onboarding times and increasing data costs. Query is purpose-built to do just that. We are delighted to invest in Query.”
Query’s patented distributed federated search engine enables security teams to get complete data driven answers, without pivoting into dozens of tools, eliminating the need to learn multiple search languages, and removing the frustration that comes from too many platforms that don’t work together. Unlike traditional approaches, Query uses APIs to access and get answers from distributed data, removing the costs, challenges, and risks that come with bulk data centralization, without building data pipelines or automation playbooks.
About Query
Query federated search is a search and analytics solution for security analysts, threat hunters and incident responders to access, search, and get answers from security relevant data located anywhere. Query is fundamentally different from traditional security solutions because it leaves the data inside the connected systems instead of centralizing, while still enabling security teams to get immediate, data-driven answers. Query gives you the freedom to choose the architecture that works best for you, avoid vendor lock-in, and reduce cost. Learn more at www.Query.ai.