Comprehensive Query Use Cases

Federated Query & Actions Use Cases

Hunt threats, investigate incidents, and take immediate action

Query once across all your security tools, get results from everywhere, and execute responses instantly. No automation can replace what individuals can manually do with unified search and action capabilities.

Code & Configuration Security

Search across all code repositories, infrastructure as code, and configuration files to find security issues before they reach production.

Code Security Search

Search across code repositories for security vulnerabilities

Example Queries:

$ Find all hardcoded API keys
$ Search for SQL injection vulnerabilities
$ Show unsafe deserialization patterns

Available Actions:

Create Pull Request, Block Deployment, Rotate Secrets, Create Security Issue

Infrastructure as Code

Analyze IaC templates for misconfigurations

Example Queries:

$ Show Terraform files with public S3 buckets
$ Find Kubernetes configs with privileged containers
$ Search for missing encryption settings

Available Actions:

Block Deploy, Create Remediation PR, Alert DevOps, Add to Backlog

Dependency Analysis

Search for vulnerable dependencies across projects

Example Queries:

$ Find packages with critical CVEs
$ Show outdated dependencies
$ Search for supply chain risks

Available Actions:

Update Package, Block Build, Create Alert, Generate SBOM

Threat Hunting & Intelligence

Proactively hunt for threats and investigate indicators of compromise across all your security tools with automatic enrichment.

Threat Hunting Across Tools

Hunt for threats across all security platforms simultaneously

Example Queries:

$ Find suspicious PowerShell executions
$ Show failed login attempts from specific IP
$ Search for file hash across all endpoints

Available Actions:

Block IP, Quarantine File, Isolate Endpoint, Kill Process

IOC Investigation & Enrichment

Investigate indicators of compromise with automatic enrichment

Example Queries:

$ Check reputation of IP address
$ Find all occurrences of suspicious domain
$ Enrich file hash with threat intelligence

Available Actions:

Block IOC, Add to Threat Intel, Create Detection Rule, Hunt for IOC

Real-Time Alert Investigation

Investigate security alerts with correlated evidence

Example Queries:

$ Show all alerts from specific user
$ Find related events for alert ID
$ Search for lateral movement patterns

Available Actions:

Escalate Alert, Create Incident, Block Entity, Notify SOC

Identity & Access Management

Search and analyze user activities, privileged access, and authentication events across all identity systems.

User Activity Analysis

Track and analyze user behavior across all systems

Example Queries:

$ Show all activities for specific user
$ Find anomalous login patterns
$ Search for privilege escalation attempts

Available Actions:

Lock Account, Force Password Reset, Revoke Sessions, Alert Manager

Privileged Access Monitoring

Monitor and audit privileged account usage

Example Queries:

$ Show all sudo commands executed today
$ Find admin access outside business hours
$ Search for shared credential usage

Available Actions:

Revoke Privilege, Request Justification, Create Audit Report, Alert Security

Authentication Events

Search and analyze authentication patterns

Example Queries:

$ Find failed MFA attempts
$ Show logins from new locations
$ Search for credential stuffing attacks

Available Actions:

Block IP, Enable MFA, Reset Credentials, Create Alert

Cloud & Container Security

Search across multi-cloud environments and container platforms for security misconfigurations and vulnerabilities.

Cloud Security Posture

Search across AWS, Azure, GCP for misconfigurations

Example Queries:

$ Find public S3 buckets
$ Show unencrypted databases
$ Search for overly permissive IAM roles

Available Actions:

Apply Policy, Enable Encryption, Revoke Access, Create Ticket

Container Security

Search containers and Kubernetes for vulnerabilities

Example Queries:

$ Find containers with critical CVEs
$ Show pods with root access
$ Search for images from untrusted registries

Available Actions:

Block Image, Restart Pod, Apply Security Policy, Alert DevOps

Infrastructure as Code

Scan IaC templates for security misconfigurations

Example Queries:

$ Find Terraform with public access
$ Show CloudFormation security issues
$ Search for hardcoded credentials

Available Actions:

Block Deploy, Create PR, Add to Backlog, Notify Team

Network, Endpoint & Email Security

Search across network traffic, endpoint activities, and email communications for threats and anomalies.

Network Traffic Analysis

Search network flows, firewall logs, and proxy data

Example Queries:

$ Find all connections to external IPs
$ Show blocked connections
$ Search for data exfiltration patterns

Available Actions:

Block Traffic, Create Firewall Rule, Isolate Network, Alert Network Team

Endpoint Security

Search across all endpoints for threats and vulnerabilities

Example Queries:

$ Find endpoints with missing patches
$ Show processes with network connections
$ Search for suspicious registry changes

Available Actions:

Isolate Endpoint, Deploy Patch, Kill Process, Collect Forensics

Email Security

Search email logs and analyze phishing attempts

Example Queries:

$ Find emails from suspicious sender
$ Show emails with malicious attachments
$ Search for BEC attempts

Available Actions:

Quarantine Email, Block Sender, Notify Users, Create Phishing Alert

Compliance & Governance

Search audit logs, compliance data, security metrics, and data protection policies across your entire security stack.

Compliance Audit Search

Search audit logs and compliance data across all systems

Example Queries:

$ Find all access to sensitive data
$ Show compliance violations
$ Search for PCI-DSS failures

Available Actions:

Generate Report, Create Remediation Task, Alert Compliance Team, Export Evidence

Security Metrics & KPIs

Search and analyze security metrics across platforms

Example Queries:

$ Show vulnerability remediation rate
$ Find mean time to detect
$ Search for incident response metrics

Available Actions:

Generate Dashboard, Export Metrics, Schedule Report, Alert Management

Data Loss Prevention

Search for sensitive data exposure and policy violations

Example Queries:

$ Find files with credit card numbers
$ Show DLP policy violations
$ Search for PII in cloud storage

Available Actions:

Quarantine File, Encrypt Data, Block Transfer, Notify Data Owner

Ready to Query Everything?

Unified search across all your security tools with instant action capabilities - no more tool switching

Federated Search & Actions | Query All Tools, Act on Results | HyprEdge AI