Welcome to our blog

Over the past five years, I’ve supported dozens of organizations through cyber crises as an incident response manager. Here’s a conversation I’ve found myself having in almost every ransomware incident:

For years, IT teams looked at their systems like a night sky, counting servers, logs, and databases one by one. Just a few points of light. But what if those dots could connect?

We all know the feeling of running a query, staring at some spinner for minutes (or more), waiting, and waiting…

On paper, AI has been “part of” security operations for years. Every SIEM, EDR, and SOAR vendor has a story about machine learning.

Imagine you want to build a system that needs to search through petabytes of log data, with new logs streaming in at multiple terabytes per day.

Query planners are a cool piece of software that exists in every database or SQL engine out there.

Writing Kusto Query Language (KQL) queries to analyze security logs can be challenging, especially for non-technical users or those unfamiliar with its syntax. In this blog, we explore how Vega Security leverages AI - specifically large language models (LLMs), text embeddings, and vector similarity search - to enable seamless translation from natural language (NL) to KQL. We’ll discuss our approach, the challenges we encountered, and the impact of this technology on cybersecurity operations.‍

Have you ever wondered how Elasticsearch works? How is it so fast? What makes it different from other databases like PostgreSQL? What cool data structures are at play?

Around six months ago, I made the decision of choosing Remix as the foundation for our company’s web application. Fast forward to today, and I think it’s time to take a step back and reflect on the choices we made.