Sqrrl Behavior Graph

Sqrrl Data, Inc. is an American company founded in 2012 that markets software for big data analytics and cyber security. The company has roots in the United States Intelligence Community and National Security Agency. Sqrrl was involved in the creation of, and actively contributes to, Apache Accumulo and other related Apache projects. Sqrrl’s primary product is its threat hunting platform, designed for active detection of advanced persistent threats. In January 2018, Sqrrl was acquired by Amazon.


History

Most of Sqrrl’s founders previously worked for the National Security Agency. The founders include CEO and co-founder Oren Falkowitz, formerly of the United States Cyber Command, and co-founder Ely Kahn, former director of US cybersecurity policy. Sqrrl's platform relies on the open-source Apache Accumulo technology. Accumulo began development in 2008 and went open source in 2011; Sqrrl was founded in the summer of 2012 to use Accumulo for cybersecurity. Sqrrl was founded in Washington, D.C., but quickly moved to Cambridge, Massachusetts.

In August 2012, Sqrrl announced a $2 million seed round led by Accomplice (formerly Atlas Venture) and Matrix Partners. In October 2013, Sqrrl received $5.2 million in funding led by Accomplice and Matrix Partners. In February 2015, Sqrrl raised another $7.1 million in funding for its linked data analysis toolkit. On January 24, 2018, it was reported that Sqrrl had been acquired by Amazon and would become a part of Amazon Web Services.


Threat hunting platform

Sqrrl’s main product is a visual cyber threat hunting platform which combines technology such as link analysis and user behavior analytics. User, entity, asset, and event data are combined into a behavior graph which users navigate to respond to security incidents as well as search for undetected threats. Sqrrl integrates into Security Information and Event Management (SIEM) systems, such as IBM's QRadar. The platform also integrates machine learning and risk-scoring.


Awards

Sqrrl was mentioned in cyber security industry marketing, such as SC Mag’s Top Innovator award in 2015 and 2016 and a 2017 Cybersecurity Excellence Award in a new "Threat Hunting" category.


See also

* Apache Software Foundation
* Big data
* Bigtable
* Cyber threat hunting
* MapReduce
* Real-time database
* User behavior analytics



External links


Official web site

The Threat Hunting Project