Comment by lvh

Comment by lvh 4 days ago

1 reply

View on Hacker News

FYI: we're planning a followup post for people who are less interested in the Datomic mechanics and more interested in the usefulness to investigations and other security functions. Informally, I think of it this way: your SIEM has the deltas, but often you want the contextual states in between the deltas (and a lot of investigation is about trying to reason about that state). We built this tool originally to support that, and it turned out that approach was also super useful for things like compliance, CSPM...

We already wrote a high level blog post here: https://www.latacora.com/blog/2023/11/01/our-approach-to-bui... -- but the one I'm hoping to write is more of a case study.