A flexible data parsing and analytics tool can do pretty much anything, especially if it's something you suddenly and urgently need. Like importing your Skype conversation history to Slack.
Here are the release notes for SpectX v. 1.4 released on 7 September 2018. Featuring queries at anything that speak S3 but also at traditional SQL-databases. AD-support has been a frequently asked feature and is now live. Last but not least, in addition to charts, you can now launch map-visualisations based accurate queries on your datasets (pew-pew!).
When talking to infosec experts about their log-related endeavours, Splunk is a household word. We frequently find ourselves patiently and passionately explaining the differences between this well-known giant and SpectX. Here’s a write-up to go more into details than just stressing the limitations of pricing and data import.
The modern concept of security analytics involves more dimensions than ever. Traditional logs from network devices and hosts must be combined with malware analysis, network traffic analysis, endpoint visibility as well as data provided by threat intelligence feeds.
Digging deeper into the typosquatting operation: popular domains
This is the sequel to exploring BlueCoat proxy logs. Having defined their structure I now proceed to analyse actual log content. As my knowledge of the origin of these sample logs is limited, I'll try to extract as much information about the nature of proxy deployment, user behaviour and their geographical location.
I recently came across an article about an introductory open data exercise analytics using Python (scraping web, extracting data with regex and visualization). Fun learning indeed. But then I thought how much much time and how many lines of code it would take to do the same thing with SpectX? Let’s find out.
Finding sample logs in the web is not an easy task. This is quite understandable as log content is nowadays considered sensitive (hint: GDPR).
It's in the original raw log files where the truth lies. Here's how to quickly access and play with your data to make real discoveries.
SpectX Base is an analytics platform first and foremost for security teams. It helps them quickly get into the heart of security incidents by analysing vast amounts of unstructured logs and other raw machine data.
SpectX has raised investment from Karma Ventures for product development and growth. The startup founded by former security engineers at Skype and Swedbank is developing a powerful analytics software solution for rapid processing of unlimited amounts of data. The product will be publicly launched in autumn 2017.
It turns out that extracting useful information from logs is not easy. In fact, the processes of obtaining data and preparing it for analytics is a complicated and costly process. The aim of this whitepaper is to describe these complexities and bring out the core reasons that form the phenomena of inertia in machine generated data.
