Announcing Matano now available in Preview

The rise of the Security Data Lake and Matano OSS

Matano started off last year as an open source project to address the pain points of legacy SIEM – dated search-based architectures for unstructured logs that lead to costly ingest licenses, limitations on data retention, ineffective correlation and alert fatigue to name just a few.

A rapid increase in data volumes is attracting cloud-first security organizations to the promise of a “Security Data Lake” as a scalable and cost-effective solution to analyze all the security logs in an enterprise at a fraction of the cost. Building out a security data lake and making it accessible to your team, however, has always been a huge challenge.

Matano OSS was born out of the goal to make security data lakes easier to operationalize for the average security team and has become popular in the community as a refreshingly open and modern solution for analyzing security logs in the cloud.

Matano SIEM available in preview

Today we are announcing our fully managed SIEM offering for Matano to help you detect threats faster in the cloud. The platform is built around an embedded security data lake and Security Graph and includes advanced features such as seamless data collection, transformation, and normalization, detection-as-code, real-time threat intelligence / data enrichment, and a scalable & open security data lake model that lets you retain ownership over your data with unlimited data retention.

Matano SIEM is available in two deployment modes: a fully managed option where Matano manages all data processing infrastructure in a dedicated single tenant environment on your behalf (Cloud) or a self-managed deployment that you can run in your cloud, fully air-gapped inside your AWS VPC (Enterprise).

Matano Cloud and Enterprise are available with both managed analytics or as Bring Your Own Lake (Snowflake, AWS, and more) allowing you to use your existing enterprise data platform and cloud credits alongside Matano as a security layer.

MQL - A unified query language for security data lakes and graphs

We're also excited to introduce Matano Query Language (with Splunk SPL compatibility), an intuitive search language aimed at simplifying the lives of security analysts and making it easier to explore and search logs in security data lakes. At Matano, we understand that security analysts often prefer search-style query languages like Splunk SPL for their familiarity and ease of use. However, when transitioning to Security Data Lakes, they were previously faced with the daunting task of learning SQL, creating a significant barrier to entry.

MQL (with Splunk SPL compatibility) changes the game by offering a unified query language that speaks the language of security analysts. With a user-friendly, search-style syntax reminiscent of Splunk SPL, MQL empowers analysts to interact seamlessly with security data lakes and join this data with security graphs for asset context enrichment and visualization all without the need to learn SQL. This supercharges the threat detection and response capabilities of your team by making detection engineering and threat hunting on a security data lake easier than ever. Welcome to a new era in security analysis.

Stay tuned

We’re still in preview, and are happy to share much more soon. Check out our new website, request early access, and join the waitlist to be notified of updates.