Share Blog Post
Why Cyware Query Language (CQL)?
- Flexible querying: Akin to other structured query languages, CQL provides a syntax for security analysts to request queries textually but with more flexible and extensive querying capabilities such as searching for keywords or keyword exceptions. Also, CQL helps in exporting and reporting in a more flexible way by providing the relevant data
- Advanced filtering: CFTR is equipped with a wide range of advanced filters that can be used to narrow down any given query. Within a few clicks, security analysts can seek answers to their queries with the help of the in-built filters. CQL is capable of fetching greater than, less than, and equal numeric values and dates.
- Use of multiple conditions: Security analysts can add multiple conditions together to create queries, filtering out the noise or exploring data more deeply. That’s where CQL provides assistance.
Making a Security Analyst’s Life Easier
- Reuse CQL Queries: Once analysts build a CQL query to fetch information, they can save those queries for future references and reuse them later without building them again. Furthermore, the saved search can be used to create and share reports with key stakeholders, helping them make better decisions.
- Reduced Response Time: CQL comes with advanced filtering options that allow security analysts to accelerate their investigations and reduce the mean time to respond (MTTR) to threats. For example, security teams can quickly retrieve the high-priority IP Spoofing incidents that are in the open state.
Get Your Queries Answered Now!
Posted on: September 27, 2022
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...