  • How To Search Your Security Logs For Threat Indicators From The October 2023 Okta Breach

    A few days ago, Okta announced a breach of their support systems, which may have caused cookies and session tokens to be compromised. To help their users detect activity from attackers, they published a list of threat indicators, specifically IP addresses and user agents, that may be connected with activity from these attackers. Many teams…

  • Why We’re Building Scanner: Data Lake Search Must Be Fast

    At our previous startup, our application and security logs experienced a rapid increase in volume – and so did our log management bill. We didn’t want to spend $1M per year on Splunk or other traditional logging tools, so we started deleting logs or moving them into S3. This made investigations painfully difficult. Sometimes the…

  • Ready, Set, Cloud! Podcast: How Scanner Built an Ultra-Fast Serverless Data Lake

    Scanner CEO and Co-founder, Cliff Crosland, joins Ready, Set, Cloud! Podcast host, Allen Helton, for a conversation about how and why we built Scanner’s security data lake, Rust, serverless Lambda functions, and goats. Episode Summary: Have you ever wondered why querying your data lakes was so slow? Or, if you’re like Allen, did you…

  • Faster Querying, Basic Aggregations, and Saved Queries

    We’re excited to announce the release of a few new features our customers have been asking for. Even faster querying: Queries are now powered by a new monoid data structure server we built in Rust. The monoid server is about 2x faster than Redis for our specific use case, and we’ll share more on that…

  • A Deep Dive Into An Incident Response With Your Security Data Lake

    As almost all security teams will tell you, managing logs can be quite expensive, with common tools like Splunk and Datadog frequently becoming a top five budget item for the team. To reduce costs, teams sometimes move their logs into a data lake built on top of cheap object storage, like S3, and they use…

  • Rustacean Station Podcast: A Conversation About Scanner’s Security Data Lake Powered By Rust

    Scanner CEO and Co-Founder Cliff Crosland had the pleasure of sitting down with Rustacean Station Podcast host Allen Wyma to discuss Scanner’s Next-gen Security Data Lake tool powered by Rust. To listen to this episode head over to The Rustacean Station, and you can read the full transcript below. Allen Wyma: Hello and welcome to another episode…

  • Scanner’s Security Data Lake: Pushing Hardware to its Fundamental Limits

    Hardware abstractions are great, but we are spoiled. Cloud services like AWS, GCP, and Azure have provided a remarkable abstraction layer that allows software engineers to avoid thinking about physical hardware. Unfortunately, this abstraction comes at a cost. If you don’t take the time to understand what your software is doing with the underlying hardware,…

  • Advanced Persistent Threats in your Security Logs

    As we’ve built Scanner, we’ve learned a tremendous amount from our users about the important role that security logs play in detecting threats. Among the most insidious adversaries they face is the Advanced Persistent Threat (APT). These are complex, multi-staged, and stealthy cyber-attacks, sometimes sponsored by nation-states or cybercrime syndicates. Their primary aim is to…

  • Serverless Speed: Rust vs. Go, Java, and Python in AWS Lambda Functions

    At Scanner, we use serverless Lambda functions to perform fast full-text search over large volumes of logs in data lakes, and our queries need to be lightning fast. We use Rust for this use case, but we wanted to know how Rust compared with Go, Java, and Python in terms of performance. We pitted the…

  • Getting started with serverless Rust in AWS Lambda

    At Scanner, we use Amazon Lambda functions and Rust in our log query engine. While Rust is technically supported in Lambda functions, it is not as easy to set up as the officially blessed languages: Node.js, Python, Ruby, Java, Go, C#, and PowerShell. In this post, we’ll show you how to build a Lambda function…

  • Scanner at DeveloperWeek 2023

    Join Scanner at DeveloperWeek 2023 in February. In this talk, our Co-founder, Cliff, will show how we compared Rust’s performance in AWS Lambda functions against other languages, specifically Go, Java, and Python. We’ll also cover some surprising ways you can tune Lambda performance, like how increasing Lambda memory allocation will actually increase network bandwidth to…
