Share Blog Post
What is Cyware Query Language (CQL)?
How does CQL Benefit the Analysts?
- Find intelligence at your fingertips: Using CQL, security analysts can find answers to specific threat data that can help them better comprehend the threat landscape of their organization. For example, an analyst has a complex requirement of querying and obtaining results for a list of malicious IOCs whose confidence score is greater than 75, whose TLP is RED and is enriched from sources such as VirusTotal and Risk IQ. Information on such queries helps security analysts draw critical operational insights into threats relevant to their organization, thereby making informed decisions.
- Don’t reinvent the wheel every time: Once analysts build a CQL query to fetch required information, they can save those queries for futuristic quick references and save time. These saved CQL queries in CTIX can be reused anytime without needing to build them all over again. Moreover, the saved search can be used to create and share reports with stakeholders, helping them make better decisions.
- Advanced search made easy: Analysts can use CQL to search for information in the revamped Threat Data module, schedule specific reports in the revamped Reporting module, and include specific threat data and intelligence in their Threat Bulletins. Additionally, Threat Data and Threat Investigations modules come with a simple search feature with advanced filters that analysts can use to look up information.
Build Powerful Queries with CQL
Start Accessing the Threat Data You Need
Posted on: May 18, 2022
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...