-
Latest Blog Posts
We’re excited to announce the release of new statistical aggregation functions in Scanner’s query language, which helps you explore your logs in powerful ways. Introducing stats queries Scanner supports a new stats query feature, which gives you the ability to compute statistical aggregations. * | stats by col1, col2, … For example, let’s say…
-
A few days ago, Okta announced a breach of their support systems, which may have caused cookies and session tokens to be compromised. To help their users detect activity from attackers, they published a list of threat indicators, specifically IP addresses and user agents, that may be connected with activity from these attackers. Many teams…
-
At our previous startup, our application and security logs experienced a rapid increase in volume – and so did our log management bill. We didn’t want to spend $1M per year on Splunk or other traditional logging tools, so we started deleting logs or moving them into S3. This made investigations painfully difficult. Sometimes the…
-
Scanner CEO and Co-founder, Cliff Crosland, joins Ready, Set, Cloud! Podcast host, Allen Helton, for a conversation about how and why we built Scanner’s security data lake, Rust, serverless Lambda functions, and goats. Episode Summary Have you ever wondered why querying your data lakes were so slow? Or, if you’re like Allen, did you…
-
We’re excited to announce the release of a few new features our customers have been asking for. Even faster querying Queries are now powered by a new monoid data structure server we built in Rust. The monoid server is about 2x faster than Redis for our specific use case, and we’ll share more on that…
-
As almost all security teams will tell you, managing logs can be quite expensive, with common tools like Splunk and Datadog frequently becoming a top five budget item for the team. To reduce costs, teams sometimes move their logs into a data lake built on top of cheap object storage, like S3, and they use…
-
Scanner CEO and Co-Founder Cliff Crosland had the pleasure of sitting down with Rustacean Station Podcast host Allen Wyma to discuss Scanner’s Next-gen Security Data Lake tool powered by Rust. To listen to this episode head over to The Rustacean Station, and you can read the full transcript below. Allen Wyma Hello and welcome to another episode…
-
Hardware abstractions are great, but we are spoiled. Cloud services like AWS, GCP, and Azure have provided a remarkable abstraction layer that allows software engineers to avoid thinking about physical hardware. Unfortunately, this abstraction comes at a cost. If you don’t take the time to understand what your software is doing with the underlying hardware,…
-
As we’ve built Scanner, we’ve learned a tremendous amount from our users about the important role that security logs play in detecting threats. Among the most insidious adversaries they face is the Advanced Persistent Threat (APT). These are complex, multi-staged, and stealthy cyber-attacks, sometimes sponsored by nation-states or cybercrime syndicates. Their primary aim is to…
-
At Scanner, we use serverless Lambda functions to perform fast full-text search over large volumes of logs in data lakes, and our queries need to be lightning fast. We use Rust for this use case, but we wanted to know how Rust compared with Go, Java, and Python in terms of performance. We pitted the…
-
At Scanner, we use Amazon Lambda functions and Rust in our log query engine. While Rust is technically supported in Lambda functions, it is not as easy to set up as the officially blessed languages: Node.js, Python, Ruby, Java, Go, C#, and PowerShell. In this post, we’ll show you how to build a Lambda function…
-
Join Scanner at DeveloperWeek 2023 in February. In this talk, our Co-founder, Cliff, will show how we compared Rust’s performance in AWS Lambda functions against other languages, specifically Go, Java, and Python. We’ll also cover some surprising ways you can tune Lambda performance, like how increasing lambda memory allocation will actually increase network bandwidth to…