Sqrrl Data, Inc. was an American company founded in 2012 that marketed software for big data analytics and cyber security. The company has roots in the United States Intelligence Community and National Security Agency. Sqrrl was involved in the creation of, and actively contributes to, Apache Accumulo and other related Apache projects. Sqrrl’s primary product is its threat hunting platform, designed for active detection of advanced persistent threats.
In January 2018, Sqrrl was acquired by Amazon.
History
Most of Sqrrl’s founders previously worked for the National Security Agency. The co-founders include CEO Oren Falkowitz, formerly of the United States Cyber Command, and Ely Kahn, former director of US cybersecurity policy. Sqrrl's platform relies on the open-source Apache Accumulo technology. Accumulo began development in 2008 and went open source in 2011; Sqrrl was founded in the summer of 2012 to use Accumulo for cybersecurity. Sqrrl was founded in Washington, D.C., but quickly moved to Cambridge, Massachusetts.
In August 2012, Sqrrl announced a $2 million seed round led by Accomplice (formerly Atlas Venture) and Matrix Partners.
In October 2013, Sqrrl received $5.2 million in funding led by Accomplice and Matrix Partners.
In February 2015, Sqrrl raised another $7.1 million in funding for its linked data analysis toolkit.
On January 24, 2018, it was reported that Sqrrl had been acquired by Amazon and would become a part of Amazon Web Services.
Threat hunting platform

Sqrrl’s main product is a visual cyber threat hunting platform which combines technology such as link analysis and user behavior analytics. User, entity, asset, and event data are combined into a behavior graph which users navigate to respond to security incidents as well as search for undetected threats. Sqrrl integrates into Security Information and Event Management (SIEM) systems, such as IBM's QRadar. The platform also integrates machine learning and risk-scoring.
Awards
Sqrrl was mentioned in cyber security industry marketing, such as SC Mag’s Top Innovator award in 2015 and 2016 and a 2017 Cybersecurity Excellence Award in a new "Threat Hunting" category.
See also
* Apache Software Foundation
* Big data
* Bigtable
* Cyber threat hunting
* MapReduce
* Real-time database
* User behavior analytics
External links
* Official web site
* The Threat Hunting Project