Query

Security and Investigations

Atlanta, Georgia 5,608 followers

Federated Search For Security Teams

About us

Query is a federated search platform delivering a single search bar to access all your security-relevant data, wherever it is stored. The Query Federated Search Platform unlocks access to and value from cybersecurity data wherever it is stored (in the cloud, third-party SaaS, or on-prem), regardless of vendor or technology, and without requiring centralization. This leads to massive cost savings, more efficient security operations across real-time and historical data sources, and reduced security analyst ramp-up time.

Website: https://www.query.ai
Industry: Security and Investigations
Company size: 11-50 employees
Headquarters: Atlanta, Georgia
Type: Privately Held
Founded: 2018

Updates

  • Query reposted this

    View profile for Anthony Owen

    Assessing Network Security Trends | Analysing the Cisco Security Portfolio | Understanding Customer Challenges | RAF Veteran

    Cisco don't innovate they just buy other businesses! 💲 Blah blah blah - I'm bored of hearing that! 🥱 What often gets overlooked/not mentioned/intentionally ignored is the fact that they also have a specialised investment practice for helping early stage start ups develop their platforms and bring them to the market. Oh - Who knew Cisco Investments was a thing! Yes, they will of course go on to purchase some of these businesses as they grow in market share and when it makes sense to bring them into the portfolio. But why shouldn't they? I'm pretty sure the founders of these organisations will be pretty happy with the few million they'll be receiving, and I'm sure in some cases, these companies wouldn't have had the chance if it wasn't for the investments made by Cisco.

    Look at some of the excellent names we'll hopefully eventually see being brought under the Cisco Security banner:

    • Aliro - Advanced Secure Networks which include Post-Quantum Cryptography (PQC).
    • AppOmni - LOVE these guys. Pioneered SSPM and huge value added to SSE solutions. Done some posts about them already.
    • Binalyze - Investigation and response automation. I wonder if this kind of DFIR function will find its way into XDR?
    • Expel - A great offering for MDR services.
    • GetReal - Malicious digital content and deepfake protection.
    • HYCU, Inc. - SaaS Data Protection Platform.
    • JupiterOne - Been around a while. Asset management but explains how assets are connected.
    • Query - a federated search platform delivering a single search bar to access all your security-relevant data, wherever it is stored.
    • Securiti - ONE TO KEEP AN EYE ON - a centralised platform that enables the safe use of data and GenAI.
    • SGNL - grants and revokes contextual access in real-time, drastically reducing the blast radius of a possible breach
    • Upstream Security - a cloud-based, AI-powered data management platform purpose-built for connected vehicles, smart mobility, and IoT ecosystem.

    If you have any questions on these or any other components of the broader Cisco Security Portfolio, please feel free to give me or any of the team at CAE Technology Services Limited a shout. [87/100]

  • Competing directives can be... confusing. How can you move away from expensive data centralization but make better/faster use of the data you need? And like... actually. Not just in the short term, and not just shifting budget from one vendor to the other. The answer: Query. Our vendor agnostic approach to federating search lets you take advantage of more efficient data stores, or just leave the data where it is, while hunting/investigating/responding faster via more efficient process (less pivots, one search language, automagically normalized results, etc). It's a two for one kinda thing. So, when leadership comes down and says you have to do more and spend less, don't sweat it.

  • Query reposted this

    Great conversations happen over great meals. Join several SYN portfolio companies during #RSAC for an exclusive breakfast and lunch event, where leading vendors will demonstrate how AI-driven security, predictive intelligence, federated search, and cloud identity security are the next generation of cybersecurity. Reserve your spot now at the link in comments! #RSAC2025 BforeAI P0 Security Reveal Security Query Terra Security

  • In the last episode of the #SecDataOpsCast, Neal Bridges and Jonathan Rau explored how the data landscape has transformed over the past decade. Previously, logging in traditional on-premise environments was manageable. As public cloud adoption exploded, so did the sources and volume of data. How did the rapid growth of CSPM and cloud technology acquisitions drive this surge in complexity and help reshape security challenges as we know them? Want to see the full episode? Check out the replay here: https://hubs.li/Q03dGnz80 #CyberSecurity #CloudSecurity #DataOps #SecOps #CloudComputing

  • Navigating the analysis phase in cybersecurity is truly an art and a science. In this clip from the latest episode of the #SecDataOpsCast, Neal Bridges and Jonathan Rau discuss how blending hands-on experience with solid metrics transforms raw data into actionable insights for clients. Curious to learn more about how these challenges are tackled and how you can apply similar strategies to your own work? Check out the full webinar here: https://hubs.li/Q03dxJD_0 #CyberSecurity #Infosec #DataOps #SecOps #DataAnalytics

  • Security investigations aren’t linear. They are a series of questions, answers, pivots, and decisions. That’s why we’ve focused on enhancing what happens after the query in the latest release of Query Federated Search → https://hubs.li/Q03dvt2l0 IDEA: What if you could spend less time finding and preparing the data and more time analyzing it and responding? #CyberSecurity #ThreatHunting #SecurityOps #FederatedSearch #DataSecurity #SecDataOps

  • How is your organization addressing #SecDataOps? Neal Bridges and Jonathan Rau sat down to dig in on the bits that really matter:

    • Learn how visual mapping and agile analysis can streamline your SOC operations.
    • Discover how companies are addressing security data challenges to reduce incident response times and costs.
    • Gain perspective on the evolving landscape of cloud security acquisitions and its impact on operational efficiency.

    Check out the full episode and see how these strategies create savings and a more stable and effective security posture. Watch it here: https://hubs.li/Q03dbqBc0 #SecDataOpsCast #Cybersecurity #Infosec #DataOps #DevSecOps #CloudSecurity

  • 🚨 New Blog: CrowdStrike + Query Federated Search = Better Security Ops 🚨

    CrowdStrike is far more than an EDR platform. With tools like Spotlight, Identity Protection, and LogScale, the Falcon platform delivers massive coverage, but also a lot of data! How do you search across all that data *without* duplicating it?

    🔍 Enter Query Federated Search. Query connects directly to Falcon APIs, LogScale, and Falcon Data Replicator (FDR), letting you:

    ✅ Search across all CrowdStrike data without duplicating it
    ✅ Normalize detections, incidents, and alerts into one data model: OCSF
    ✅ Correlate CrowdStrike data with Microsoft Intune, Entra ID, JAMF, Cribl, and more
    ✅ Support Zero Trust Assessments and Identity Protection use cases
    ✅ Enable smoother migrations from incumbent EDRs like Carbon Black or MDE
    ✅ Enhance decision support in complex or decentralized environments

    It’s not a SIEM replacement—it’s a force multiplier.

    👀 Learn how SOC teams are using Federated Search to simplify investigations, eliminate data silos, and get full-fidelity answers faster.

    👉 Read the blog: https://hubs.li/Q03dcxVb0

    #FederatedSearch #SecDataOps #EDR #CrowdStrike #SecurityArchitecture #ITOps #XDR #LogScale #SecurityAnalytics #Falcon #OCSF #SOAR

  • Security teams are drowning in data. Firewalls, EDRs, IDS, and cloud logs generate terabytes of telemetry daily—but traditional SIEMs and log management tools struggle with cost, scale, and performance. Enter Delta Lake, an open table format that eliminates vendor lock-in while ensuring ACID transactions, schema enforcement, and high-speed analytics for security operations.

    With Delta, SecOps and SecDataOps teams can:

    ✅ Ingest high-velocity security logs at scale
    ✅ Query historical + real-time data with DuckDB, Athena, & PySpark
    ✅ Run detections faster—without waiting on SIEM indexing
    ✅ Reduce costs by decoupling compute from storage
    ✅ Keep full-fidelity logs without breaking the budget

    Why does this matter?

    🔹 Faster threat detection with structured, scalable log storage
    🔹 More flexibility for detection engineering & security investigations
    🔹 Open-source, cost-effective, and not locked into a single vendor

    We break it all down in our latest blog, including how to set up Delta Lake for security data, generate synthetic logs, and run real-world security queries with DuckDB. Read more here: https://hubs.li/Q03d3QRs0

    Have you tried open table formats for security logs? Let’s discuss! 🔥 #SecDataOps #SecOps #DeltaLake #SIEM #BigData #SecurityAnalytics

