Query.AI is streamlining IT and security data management through its cloud-based virtual analyst application.
Founder Dhiraj Sharan will present at 1 Million Cups Fargo on Wednesday, March 13.
Query.AI’s product starts from the premise that many organizations collect data on IT and security issues, but they aren’t able to proactively use that data.
“Generally organizations do have information in some form or another captured in the IT systems,” Sharan said, “but it’s not often easily accessible to end users.”
The idea is to improve the experience of IT teams, making their jobs a little easier to do.
IT data lakes such as Splunk and ELK (Elasticsearch) already exist, and IT and security analysts are often able to search for or through that data. But those analysts are experts, and even they must put in a lot of manual effort to get answers and insights. Query.AI sits between those data lakes and end users to (a) make expert analysts more productive and (b) make the information accessible to non-experts.
The Query.AI product offers users a virtual analyst, what Sharan thinks of as an analyst assistant, named IRIS, which tries to understand users’ questions.
“You don’t have to worry about using a particular interface,” Sharan said. Rather, users ask the analyst a question in plain English. The system allows users to ask follow-up questions to build a deeper investigation. For example, an IT analyst investigating a security alert for a server might ask which users had logged in to that server, what activity they performed, and so on.
Users can ask a series of related questions, which can be combined and saved as an “investigation.” Saved investigations can be reused in the form of “investigation playbooks.” Analysts can write and share playbooks within the Query.AI community. In this way the system grows more intelligent with more use.
“Once you have these investigation playbooks, you don’t even need to manually ask questions from that point onward,” Sharan said.
Instead, users can run playbooks of their most useful previous investigations to pull up information they routinely need to use.
“It democratizes data to some extent,” Sharan said, since such data is often either hard to access or hard to use under current conditions.
As Query.AI continues, Sharan said they are thinking about how to answer more difficult, open-ended questions; for example, “What should I look at?” and “Tell me something interesting,” about the available data.
Sharan has a 20-year background in enterprise IT and security products, and he is a veteran of several previous start-ups in the field, each of which he sees building on the work of the last.
Work on Query.AI began in earnest last summer, and the company has already been named Company of the Year by the Brookings Innovation Center. The company has an early beta of the product, which Sharan says they are “happily demoing” to interested parties. Email contact@query.ai if your organization has a data lake like Splunk or ELK (Elasticsearch).
1 Million Cups Fargo takes place each Wednesday at 9:30 a.m. at The Stage at Island Park. For more information on Query.AI, visit query.ai.