Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on demand, all with unlimited data collection and retention. Ingest everything. Investigate anything.
Gravwell to Showcase Threat Hunting Innovations at RSA Conference 2023 in Booth #60862
GRAVWELL 5.2 INTRODUCES A NEW SET OF DYNAMIC THREAT HUNTING FEATURES WHICH LOWER THE BARRIER TO ENTRY FOR ANALYSTS
April 2023 -- Gravwell, a leading provider of big data solutions that help customers improve enterprise log management, threat hunting, and security lakes, is excited to announce its participation in the RSA Conference 2023. Attendees can visit Gravwell at Booth #6086 in the North Hall of the Moscone Center to learn more about the company's latest release, Gravwell 5.2.
Gravwell 5.2 offers new features to remove the barrier to entry for threat hunting. With hunting help like query autocomplete, diagnostics, auto-field aggregation, and more, even novice threat hunters can combat advanced threats who are "living off the land" within their environments. The update represents Gravwell's ongoing commitment to delivering advanced data analytics capabilities in a user-friendly interface.
“In my earlier career, I developed custom 0day exploits and became alarmed at how easily an attacker with novel techniques could evade detection by living off the land. The essence of threat hunting lies in understanding your environment and asking a lot of questions. To achieve that, access to data and a dynamic query capability is crucial. Traditional SIEM systems often fall short of empowering both seasoned and novice analysts to delve into their data and address crucial concerns. With this release, we are taking a significant stride towards enhancing the defender's advantage capabilities and minimizing the time attackers can linger in your system undetected.” said Corey Thuen, CEO of Gravwell.
Key features of Gravwell 5.2 include:
Autocomplete: Gravwell now offers completion hints for most parts of the query language, including tag names, modules, flags, enumerated values, and resources.
Diagnostics: Improved error messages and diagnostics help users identify issues in their queries and even offer suggestions for improvements.
Folds and Formatting: Users can now collapse compound query segments (folding) and pretty print their entire query (formatting) for better readability.
Command Palette: The Command Palette, accessible via right-click or F1, offers additional editor commands for a more streamlined experience.
Take advantage of the opportunity to see Gravwell 5.2 at Booth #6086 during the RSA Conference 2023. For more information about Gravwel and to get a trial of our cybersecurity solutions, visit www.gravwell.io/ce to activate your license.
Corey Thuen, CEO of Gravwell, is available to discuss the security implications of limiting and capping the data ingested and the benefits of a built-from-scratch platform capable of exceeding over 100 TBs a day. Please email firstname.lastname@example.org to schedule a timeslot.
Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on-demand, all with unlimited data collection and retention. Stop sacrificing security by limiting what you ingest, and ingest all your logs/events without being locked into consumption-based pricing models. Gravwell's user-friendly platform empowers users to gain valuable insights from their data, driving better decision-making and improved operational efficiency. For more information, visit www.gravwell.io.
P.O. Box 51534
Idaho Falls ID 83405
United States of America