Headed to #AWSreinvent 2024? Join Scanner CEO and Co-founder Cliff Crosland on Thursday, December 5 at 12 pm PT at the Wynn Hotel for lunch and a deep dive into reducing Datadog log and SIEM costs while maximizing efficiency. Learn more and register here: https://lnkd.in/gsi2pJcr #aws #datadog #siem #cybersecurity
Scanner.dev
Software Development
Fast search and threat detections for security data in S3. Reduce the total cost of ownership of your SIEM by up to 90%.
About us
Scanner.dev provides fast search and threat detections for security data in S3. Customers often use Scanner to reduce the costs of their SIEM and log search tools, running Scanner alongside tools like Splunk, Datadog, Sumo Logic, and Elastic. Customers redirect high volume workloads like cloud audit logs, network traffic logs, and identity provider logs away from their expensive SIEM and store them in S3 instead. Then, they use Scanner for fast search and detections on this data in S3, reducing costs dramatically - sometimes by $500k to $1M per year or more. After directly indexing the data in your S3, teams can analyze the data and find IP addresses and other IOCs in petabytes of logs in seconds - 100x faster than Athena for JSON data. Teams can also leverage features like dashboards, detections-as-code with GitHub sync, threat intelligence, and an API to connect with Splunk, Grafana, Datadog, SOARs like Tines or Torq, our library of Jupyter Notebooks for advanced threat hunting, Slack, Jira, or anything else with a custom webhook.
- Website
- https://scanner.dev/demo
- Industry
- Software Development
- Company size
- 2-10 employees
- Headquarters
- San Francisco
- Type
- Privately Held
- Founded
- 2022
- Specialties
- Rust, Serverless, Logs, Log Management, Data Lake, Security, S3, AWS, data, cybersecurity, cloud security, API, Observability, and SIEM
Products
Scanner.dev
Security Information and Event Management (SIEM) Software
Scanner is a lightweight SIEM and observability platform that gives customers unprecedented visibility and threat detection on their cloud security logs at 80-90% less cost than legacy tools. Using a novel query engine designed from the ground up for cloud storage, customers can perform full-text search over petabytes of data at speeds of up to 10TB per second. Customers can analyze their data in our flagship web app or with our powerful API to analyze data in S3 directly inside tools like Splunk or Grafana while still reducing their bill up to 90%. Customers can also leverage features like Detections-as-Code with GitHub sync to manage their detection rules directly in their own GitHub repositories. Threat detections are one of the most important pillars of SIEMs, and we’re excited to help users streamline their threat detection development lifecycle. By embracing software development practices like code reviews, testing, and CI/CD, teams can develop and deploy detections faster.
Locations
-
Primary
US, San Francisco
Updates
-
Managing log costs in Datadog is a frequent challenge for many teams. Security teams, in particular, often find themselves navigating between Datadog Standard Logs, Datadog Flex Logs, and Datadog Cloud SIEM, each with its own complexities and cost considerations. In this article, we'll explore the specific challenges that arise when using these three features and show you how Scanner can help augment Datadog to address these issues effectively. By leveraging Scanner, you'll be able to enhance your log management while keeping costs under control.
-
Scanner.dev turns raw log data in S3 into an easily searchable resource. By organizing your logs and indexing them in a highly optimized way, Scanner makes it fast to find what you need, whether it's a critical security event or insights hidden deep in your logs. Read on to learn more about how we organize and optimize your data for fast search: https://lnkd.in/gP-Z2jVa
-
We’re excited to announce that the Scanner.dev Playground environment is now available for users to explore using a demo data set. The Playground is a hands-on, interactive way to experience Scanner, walking users through a complete threat investigation scenario involving cloud audit logs—specifically AWS CloudTrail logs.
The Playground Environment is Now Live: Explore Threat Investigations in Scanner
Scanner.dev, published on LinkedIn
-
Scanner.dev reposted this
In this episode of Unapologetically Technical, I interview Cliff Crosland, the co-founder and CEO of Scanner.dev. Cliff Crosland is a data engineer passionate about helping people wrangle massive log volumes. He sees logs as a treasure trove of insights and believes effective log analysis is critical in today's complex systems. We discussed his early experiences with distributed systems, including his work on creating graphs and entity resolution. We also discussed the implications of Generative AI and LLMs for current and future coders. Cliff highlighted the challenges of using batch systems in security and the need for real-time actions. He shared his views on containerization and Kubernetes consolidation and how this led to the microservices paradigm. Lastly, we go in-depth into Scanner.dev, covering what it is and how it works. We discuss file formats and the ways that logging brings unique challenges to system creation. We consider how Scanner.dev uses lambda functions to create a map/reduce-style distributed system that is performant yet cost-efficient. Check it out! Link in the comment section below.
-
We're excited to announce the release of Detection Rules as Code, allowing security teams to manage Scanner detection rules directly in their own GitHub repositories, enabling stronger collaboration, change management, and continuous delivery of detections.
Announcing Detection Rules as Code with CI/CD
Scanner.dev, published on LinkedIn
-
Watch our interview with Cyber Security Tribe, where CEO and co-founder Cliff Crosland explores the future of SIEMs and advocates for a new design suited for the cloud: keeping a search index in cloud storage alongside your data lake.
https://lnkd.in/eZYiD6uN Legacy SIEMs often fall short in meeting the demands of modern security landscapes, with cost and complexity being particularly painful. Cliff Crosland explores the capabilities that the next generation of SIEM solutions must have to address the limitations of legacy systems and empower security teams to stay ahead of evolving threats. Scanner.dev #SIEMs #SOAR #AI #CyberSecurity #infosec #datasecurity
Reimagining SIEM: What’s Coming in Next-gen Platforms
cybersecuritytribe.com
-
Scanner.dev reposted this
If you're going to #blackhat, come say hi at the Scanner.dev booth (#SC502) and watch us repeatedly do our favorite thing: searching years of logs in S3 in seconds. Or, grab a coffee with me: https://lnkd.in/gR7D6sNe See you in Vegas.
-
We’re excited to announce the release of Scanner for Jupyter, allowing users to analyze and visualize years of logs using Jupyter notebooks via the Scanner Python SDK. Scanner for Jupyter is particularly helpful for unlocking two use cases - Response-as-Code and Advanced threat hunting on historical logs. We’re excited by these use cases and others that are unlocked when you can finally retain years of historical logs and search them at high speed!
Announcing Scanner for Jupyter: Response-as-Code and Advanced Threat Hunting
Scanner.dev, published on LinkedIn
-
We're excited to announce our partnership with the team and community at Cyber Security Tribe alongside some great companies like Island, Wiz, and Oasis Security
Cyber Security Tribe is proud to introduce Scanner.dev as a knowledge partner: Lightning-fast threat hunting through all of your logs. Sound on for full effect! #SIEM #threathunting #cloudstorage Cliff Crosland