Earlier this week, we were excited to announce our oversubscribed $15 million Series A round of financing, led by new investor SYN Ventures with participation from existing investors ClearSky Security and South Dakota Equity Partners. The funding further validates the market demand for our one-of-a-kind solution that gives companies full control of security investigations within a single, unified interface.
Query.AI was founded to solve a major problem for enterprises today – ransomware, breaches, and other cyberattacks are continuing to increase at record rates while the amount of enterprise data is exploding and becoming more and more decentralized and distributed across cloud, third-party SaaS, and on-prem environments. Businesses of all sizes collect data from a wide range of sources, including AWS, Google Cloud Platform, Azure, Microsoft 365, multiple SaaS applications (typically 50-100), plus a ticketing system. This is compounded by scale challenges with gigantic-volume data sources like DNS, Flow, Proxy, CloudTrail, and Endpoint data.
In addition, multinational corporations keep data siloed due to regulatory compliance requirements across different countries or regions. While data centralization may still have its place for compliance and retention situations, the onslaught of decentralized data has rendered universal data centralization models impractical for security investigations. As data volumes exponentially increase, so do the alerts that security teams need to review and investigate from an inordinate number of tools.
Among the range of tools, organizations are using SOAR and XDR in an attempt to solve the problems of data decentralization, but they’re not the answer. Enterprises have found that SOAR requires time-consuming software engineering efforts to build playbooks and manage API integrations. In fact, according to a study by the Ponemon Institute, the average organization spends $2.7 million per year on engineering work to integrate disparate security data and yet only 23 percent consider their security engineering efforts as very valuable. And, while XDR definitions are all over the map, XDR still relies on a single platform provider to do all the collecting, aggregating, correlating, and analyzing. To try and adjust, SOC analysts are also increasingly relying on their endpoint protection or a focused threat detection product to address the issue, but neither option gives them the full picture to truly assess what is happening in their environment.
In the end, SOC analysts spend their days doing swivel-chair analytics, pivoting between siloed tools to manually correlate the data to determine what they should investigate before they can actually respond. It’s an exhausting, time-consuming, and burnout-inducing way to work for security teams that are already stretched thin.
The Query.AI security investigation platform solves this problem by serving as the connective tissue that provides real-time insight for security data across platforms no matter where it resides – the cloud, third-party SaaS, or on-prem systems. Our API-enabled platform does not require the transfer or duplication of data. It simultaneously normalizes, aggregates, enriches, visualizes, and analyzes alert data that lives across cybersecurity systems with a single, unified browser interface. And, it makes security operations teams more productive much faster by giving them the flexibility to ask questions via text, natural language, or Unified Query Language, and helping them quickly understand data relationships so they can initiate response actions.
The pain point is real, and the market is responding to our solution. We’re already generating revenue from several enterprise-level organizations, many of which are MSSPs for parent companies with numerous affiliates. We have an extremely healthy pipeline, and the new funding will go toward scaling customer support, the continued expansion of the Query.AI security investigations platform, as well as its expanding library of integrations with additional technology providers across cloud, third-party SaaS, and on-prem environments.
The entire Query.AI team is excited for the opportunity to continue our work to help enterprises accelerate cybersecurity investigations and efficiently respond to and mitigate threats.
Written by Dhiraj Sharan
Dhiraj is the founder and CEO of Query.AI. He is an innovator and expert developer with 18 years of problem solving and solutions development in cybersecurity, including over 10 patents. He has led engineering for companies like ArcSight, HPE, Niara and Aruba.