Query

Working the day before Thanksgiving be like...

Last month, Cisco Investments hosted a live webinar, “Innovation Unleashed: Navigating Emerging Technologies—AI for Security / Security for AI”. Our CEO, Matt Eberhart, was a guest. Among other things, he did a quick demo of Query. Check it out: https://hubs.li/Q02Zyc490 #ciscoinvests #federatedsearch #innovationunleashed

At Cisco, we are always on the lookout for groundbreaking startups with revolutionary solutions. These companies bring forward advanced technology that enhances our products, guaranteeing our customers access to the best tools to maintain a competitive edge and discover new business prospects. We're proud to feature these startups in this month's Startup Snapshot?? ??CoreWeave ??DEScycle ??Corelight ??Halcyon ??Island ??Theta Lake ??Dremio ??HYCU, Inc. ??Airtop ??Aliro ??Nobl9 ??Query ??Securiti ??SGNL ??Tidelift ??Upstream Security ?? https://hubs.ly/Q02Zn2Ct0 #CiscoInvests

On this episode of #SecDataOpsCast, BitLyft Cybersecurity Director of SOC Noah Hoag sat down with Query CISO Neal Bridges to provide insights on handling data within a Security Operations Center. This was a great conversation that covered a lot of bases, including distinctions between analysts and incident responders, cybersecurity training tips, the value of practical experience, and the significance (or lack thereof??) of coding and data engineering skills. https://hubs.ly/Q02ZdT3C0 #SOC #federatedsearch #secdataops

We're psyched to release Query's integration with Google SecOps today! Google SecOps enables customers to securely retain, analyze, and search large volumes of security and network telemetry. It normalizes, indexes, and correlates data to provide instant insights into risky activities. Query's federated search expands access to security-relevant data from any connected source to help analysts make better decisions, faster. You can learn more about our integration here: https://lnkd.in/dnj7XytP Thanks to Jonathan Rau and Avnish Anand for building a powerful integration, and to Google's Stacey King for her partnership and help along the way. Google Cloud Security #SecDataOps #CISO #securityoperations

?? SOC Manager: Hey folks, you have probably heard that our deal with Big Rocket Co. has closed! Guess who the lucky SecOps team is that will ensure security during the M&A!? ?? SOC Analyst #1: Let me guess…another MSSP?! ?? SOC Manager: Lol. No. Us, it’s us! ? SOC Analyst #2: I’ve never done M&A before, what security technology does Big Rocket Co. use? ?? SOC Manager: Well, they *were* using a MSSP, but not anymore. They used Google Security Operations as their SIEM. It used to be called Chronicle back in the day. They kept the SIEM, though. ??SOC Analyst #1: I swear, we just migrated away from our SIEM, and now we have another SIEM?! ?? SOC Analyst #2: Not only that, what other query languages do you have to learn now? [SMASHES KEYBOARD WITH ANNOYANCE] Oh…Unified Data Model…UDM? ?? SOC Manager: Folks, folks…please. We are all good! Query has a Connector for Google SecOps. It will handle the query translation into UDM, it will normalize the results to OCSF, it will smartly search the data they have just like it does for all of our Connectors that we have in Query Federated Search. ??SOC Analyst #2: Wow, Query makes it almost *too easy* for us! It’s like they know what we’re thinking?!? ??SOC Manager: Our first priority is to check if there are any critical alerts from their onboarded datasets, let’s normalize some OCSF Detection Findings based on what they have in there. I have all of their Feed Names in a document from the M&A due diligence. ???SOC Analyst #2: Aye-aye cap’n, this will be far too easy! Read more: https://lnkd.in/emuAnx9H #googlesecops #googlesecurityoperations #nextgensiem #gcp #siem #federatedsearch #observability #chronicle

The Open Cybersecurity Schema Framework (OCSF) is an open-source and collaborative effort across the industry to define a vendor- and platform-agnostic schema for security and IT observability data. It has been contributed to by Query, Amazon Web Services (AWS), Splunk, Cisco, CrowdStrike, and several dozen other organizations and individuals. Find out more from our partner Query in their latest blog below ? ? https://lnkd.in/es45jfsv Simon Johnson, Peter Vorley, Lawrence McEwen, Lisa Ventura MBE