RESOURCES

Blogs

		[{"id":4833,"link":"https:\/\/www.query.ai\/resources\/blogs\/the-compounding-advantage-part4\/","name":"the-compounding-advantage-part4","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/Accelerate-SecOps-Blog-Header-scaled.png","alt":""},"title":"The Compounding Advantage","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 24, 2026","dateGMT":"2026-03-24 07:21:54","modifiedDate":"2026-03-27 15:11:36","modifiedDateGMT":"2026-03-27 19:11:36","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":7,"sec":32},"status":"publish","content":"Project Hail Query, Part 4 of 4 Part 1 | Part 2 | Part 3 | Part 4 This series"},{"id":4831,"link":"https:\/\/www.query.ai\/resources\/blogs\/query-workers-security-data-mesh-part3\/","name":"query-workers-security-data-mesh-part3","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/Dawning-of-the-Modern-SOC-Blog-Header-scaled.png","alt":""},"title":"Every Investigation Is a Hail Mary. We Built You a Rocky.","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 23, 2026","dateGMT":"2026-03-23 08:00:37","modifiedDate":"2026-03-24 03:30:12","modifiedDateGMT":"2026-03-24 07:30:12","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":11,"sec":18},"status":"publish","content":"Project Hail Query, Part 3 of 4 Part 1 | Part 2 | Part 3 | Part 4 Security operations"},{"id":4827,"link":"https:\/\/www.query.ai\/resources\/blogs\/security-is-a-data-problem-part2\/","name":"security-is-a-data-problem-part2","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/Break-Free-From-Legacy-Orbit-Blog-Header-scaled.png","alt":""},"title":"Security Is a Data Problem. The AI Wave Just Made That Impossible to Ignore.","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 19, 2026","dateGMT":"2026-03-19 09:14:00","modifiedDate":"2026-03-24 03:26:23","modifiedDateGMT":"2026-03-24 07:26:23","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":9,"sec":50},"status":"publish","content":"Project Hail Query, Part 2 of 4 Part 1 | Part 2 | Part 3 | Part 4 The AI"},{"id":4822,"link":"https:\/\/www.query.ai\/resources\/blogs\/assumption-nobody-questioned-part1\/","name":"assumption-nobody-questioned-part1","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/End-Centralized-Gravity-Blog-Header-scaled.png","alt":""},"title":"The Assumption Nobody Questioned","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 18, 2026","dateGMT":"2026-03-18 12:14:17","modifiedDate":"2026-03-24 03:27:16","modifiedDateGMT":"2026-03-24 07:27:16","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":7,"sec":45},"status":"publish","content":"Project Hail Query, Part 1 of 4 Part 1 | Part 2 | Part 3 | Part 4 The movie"},{"id":4819,"link":"https:\/\/www.query.ai\/resources\/blogs\/detection-triage-investigation-distributed-data\/","name":"detection-triage-investigation-distributed-data","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/Detect-and-Triage-scaled.png","alt":""},"title":"Detection Triage & Investigation Across Distributed Data","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 09, 2026","dateGMT":"2026-03-09 14:28:24","modifiedDate":"2026-03-09 10:28:26","modifiedDateGMT":"2026-03-09 14:28:26","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":6,"sec":21},"status":"publish","content":"When the Investigation Begins The first post in this series explored detection coverage and how it often ends up defined"},{"id":4816,"link":"https:\/\/www.query.ai\/resources\/blogs\/ai-doesnt-erase-architectural-debt\/","name":"ai-doesnt-erase-architectural-debt","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/AI-Doesnt-Erase-Architectural-Debt-scaled.png","alt":""},"title":"AI Doesn\u2019t Erase Architectural Debt","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 04, 2026","dateGMT":"2026-03-04 19:51:27","modifiedDate":"2026-03-04 14:51:30","modifiedDateGMT":"2026-03-04 19:51:30","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":8,"sec":41},"status":"publish","content":"There\u2019s no shortage of AI commentary in security. Depending on your tolerance, it\u2019s either exciting or exhausting (Personally, I'm working"},{"id":4813,"link":"https:\/\/www.query.ai\/resources\/blogs\/deterministic-detection-without-centralization\/","name":"deterministic-detection-without-centralization","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/03\/Why-Deterministic-Detection-Shouldnt-Require-Centralization.png","alt":""},"title":"Why Deterministic Detection Shouldn\u2019t Require Centralization","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Mar 03, 2026","dateGMT":"2026-03-04 00:18:01","modifiedDate":"2026-03-03 19:18:04","modifiedDateGMT":"2026-03-04 00:18:04","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":6,"sec":31},"status":"publish","content":"Execution Drift Is Real In the last post, I argued that detection coverage often ends up defined by ingestion. If"},{"id":4808,"link":"https:\/\/www.query.ai\/resources\/blogs\/detection-coverage-depends-on-ingestion\/","name":"detection-coverage-depends-on-ingestion","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/02\/Detection-Reach-Blog-Header.png","alt":""},"title":"When Detection Coverage Depends on Ingestion","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Feb 25, 2026","dateGMT":"2026-02-26 03:33:56","modifiedDate":"2026-02-25 22:33:59","modifiedDateGMT":"2026-02-26 03:33:59","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":5,"sec":34},"status":"publish","content":"Most conversations about detection start with logic. Which rules are you running? How are they tuned? What frameworks are you"},{"id":4804,"link":"https:\/\/www.query.ai\/resources\/blogs\/soc-isnt-underpowered-its-over-fragmented\/","name":"soc-isnt-underpowered-its-over-fragmented","thumbnail":{"url":"https:\/\/www.query.ai\/wp-content\/uploads\/2026\/02\/State-of-the-SOC-Blog-Header.png","alt":""},"title":"The SOC Isn\u2019t Underpowered. It\u2019s Over-Fragmented.","postMeta":[],"author":{"name":"Mike Bousquet","link":"https:\/\/www.query.ai\/resources\/author\/mike\/"},"date":"Feb 24, 2026","dateGMT":"2026-02-24 18:18:01","modifiedDate":"2026-02-24 13:18:04","modifiedDateGMT":"2026-02-24 18:18:04","commentCount":"0","commentStatus":"open","categories":{"coma":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>","space":"<a href=\"https:\/\/www.query.ai\/resources\/category\/blogs\/\" rel=\"category tag\">Blogs<\/a>"},"taxonomies":{"post_tag":""},"readTime":{"min":9,"sec":41},"status":"publish","content":"A Practical Look at SOC Architecture After Microsoft\u2019s State of the SOC Report Microsoft\u2019s recently released State of the SOC"}]