Sqrrl Blog

Oct 7, 2015 9:00:00 AM

Sqrrl Releases Enterprise 2.3

The newest Sqrrl release, Sqrrl Enterprise 2.3, unveils a number of features which enhance the user experience and platform capabilities. So whether you’re an experienced hunter using Sqrrl today, or just discovering us for the first time, take a look at some of these new and noteworthy enhancements to the platform that lets you target, hunt, and disrupt your adversaries.

Topics: Sqrrl Enterprise, Data Analysis, Big data security analytics

Jun 3, 2015 2:58:00 PM

The Power of Knowing: Detecting Anomalies in Cyber Security Data

By Joe Travaglini, Director of Products

When it comes to analyzing the root cause of an incident, it’s not only a matter of finding the trigger event, but also the sequence of events that set the stage, and sometimes even the intent. Drawing a comparison to the real world, in the case of a fire, was it some electrical malfunction, a rogue cigarette that wasn’t properly extinguished, or was it arson? In cybersecurity, making this type of assessment is the role of forensic investigations. What did the attack look like and where did it come from? Given the well-documented numbers about how long a threat exists in a latent form within a network, we can certainly be doing a better job reducing Mean Time to Know.

Topics: Cybersecurity, Data Analysis, Linked Data, Outlier Detection

Mar 31, 2015 8:30:00 AM

Linked Data > Log Data: The Power of Context

By George Aquila

Many enterprise security tools, including SIEMs, Incident Response, and Network Analysis tools are log-based. However, making sense of log files can be tricky, since logs typically exist without context (i.e., it is hard to understand how they relate to the larger cybersecurity environment around them). Luckily, there is a more effective way of organizing your data: using a Linked Data approach.

Topics: Accumulo, NoSQL, Big Data, Data Analysis, Linked Data

Mar 5, 2015 8:30:00 AM

Cyber Pattern-of-Life Analysis

By Ely Kahn

Pattern-of-life analysis is a well-known (and sometimes controversial) term in the US Intelligence Community. One definition of pattern-of-life analysis is:

"A method of surveillance specifically used for documenting or understanding a subject's (or many subjects') habits. This information can then be potentially used to predict future actions by the subject(s) being observed. This form of observation can, and is, generally done without the consent of the subject, with motives including but not limited to security, profit, scientific research, regular censuses, and traffic analysis. Unlike these specific areas of surveillance, pattern-of-life analysis is not limited to one medium and can encompass tracking anything in an individual's (or system of individuals') life from their internet browsing habits to their geophysical movements."

Topics: Big Data Security, Breach Detection, Data Analysis