Scanner
@scanner_dev
Followers: 71 | Following: 500 | Media: 8 | Statuses: 36
World’s Fastest & Most Scalable Security Data Lake
San Francisco
Joined August 2022
Legacy SIEMs: all noise, no signal. Scanner: built for teams who actually want to fix things.
- 1,000s of useless alerts? Nope.
- Context first. Triage in seconds.
That’s why @tryramp, @getpostman & @Lemonade_Inc ditched the bloat. 🔗
scanner.dev
Security teams at modern tech companies are expected to move fast and most importantly stay secure while doing it. As infrastructure scales and complexity increases, alert volume follows suit. It’s...
FloQast was stuck with short log retention, rising SIEM costs, and way too much friction - so they made a switch. Now they analyze 100TB+ in seconds, keep 12+ months of EDR data, and query straight from S3, no handoff and no headaches. Read about it
scanner.dev
Resetting MFA at 3AM? Logging in from two continents in an hour? If it's in your Okta logs, it's worth investigating. New guide: How to build a real detection pipeline from Okta → Grove → Substation → Scanner. Here is the full guide: https://t.co/dtpjYQAFqE
scanner.dev
This knowledge base article provides a step-by-step guide to monitoring Okta System Logs for threat detection. Learn how to collect logs via API, enrich them using Substation, and analyze them with...
Big news: https://t.co/0pFz8MD6cW is hitting the stage at @BlueTeamCon 2025. Cliff’s heading to Chicago this Sept to talk AI + SecOps — specifically, how modern security teams can boost productivity without burning out. Let’s connect IRL: 🔗
blueteamcon.com
Learn more about our BTC 2025 talk: AI as the SOC Sidekick: Streamlining Security Without Stepping Over Humans.
Awesome product, @cotoolai! And thanks for the shoutout at 0:34! 😀 Teamwork makes the dream work
Cotool (@cotoolai) is an agentic security platform that eliminates manual and repetitive work for security teams. It helps teams investigate faster, automates common tasks, and documents work in seconds. https://t.co/Bahz5TuDSz Congrats on the launch, @maxpollard415,
Changelog: You can now transform your logs as they flow into your Scanner indexes.
- Add normalized Elastic Common Schema (ECS) fields to popular log source types.
- Auto-parse JSON strings and "key=value" pairs.
- And more...
Transformers - more than meets the eye.
anyone using data lakes for their logs? doing an info session next week about good methods we're seeing these days, particularly what detection & response teams are doing. come share how you do things! https://t.co/fGyf18HLeV
New Feature Announcement:
🔍 Visual Query Builder – Build & switch between visual & text queries seamlessly. Auto-complete & easy visualization included!
🛡️ MITRE-Tagged Detection Rules – Organize & analyze rules with built-in & custom tags.
Learn more:
Join our hands-on webinar Jan 30 to learn how to streamline and deploy security detections with Scanner's schemaless log search index in your S3 bucket. UI & code-first approaches, GitHub integration—no complex schemas or heavy engineering. https://t.co/Ss78VM9Jkb
Announcing a major expansion of Scanner's detection capabilities with ready-to-use rules across 12 critical log sources, bringing our total to 214 detection rules, covering 11 MITRE ATT&CK tactics and 45 techniques.
Explore the key benefits of Security Data Lakes, including advanced use cases for threat hunting, streamlined detection and response workflows, and their role in GenAI-powered analysis. https://t.co/DCsfOkOfNw
Struggling with Datadog log costs? Security teams face challenges balancing Standard Logs, Flex Logs & Cloud SIEM. Learn how @scanner_dev helps optimize performance and detections, cuts costs, and enhances @datadoghq's power & efficiency. https://t.co/2bBOZBP3Jo
The @scanner_dev Playground is live! Dive into an interactive demo with AWS CloudTrail logs to experience a full threat investigation scenario. Sign up now and start exploring at https://t.co/k4QMYkHpkR.
scanner.dev
We’re excited to announce that the Scanner Playground environment is now available for users to explore. The Playground is a hands-on, interactive way to experience Scanner, walking users through a...
Congrats to the Scanner team for launching Detection Rules As Code! Our users can now manage detection rules directly in their own GitHub repos, improving collaboration, change management, continuous delivery, and streamlining threat detection development https://t.co/rpFaqN36oR
Announcing the release of Scanner for @ProjectJupyter, allowing users to analyze & visualize years of logs using Jupyter notebooks via the Scanner Python SDK for Response-as-Code and Advanced threat hunting on historical logs https://t.co/9B0Mtkmkfk
Our co-founders @CliftonCrosland and Steven Wu kicked off our first day at #RSAC with so many great conversations with security leaders from all over the globe that came to learn more about @scanner_dev. Come visit us at the Early Stage Expo tomorrow or Thursday. See you there!
Announcing Scanner for Splunk which makes it easy to leverage logs in S3 for advanced threat hunting and detection - all while staying entirely within the Splunk UI. Teams can now gain visibility into historical & high-volume logs while saving up to 80-90%
Introducing our new Threat Detection Rules to help alert teams whenever there are misconfigs, indicators of compromise, and various kinds of threat activity. Teams can even chain detections together w/ Jupyter notebooks to investigate advanced threats
scanner.dev
The amount of cryptocurrency stolen or mined via server hijacking annually is pretty staggering. It’s estimated that almost 1/20th of North Korea’s economy each year is the illegal acquisition of...
whatever you do this year, please try not to spend half a million dollars on logs
scanner.dev
A month ago, we started playing with a fun data set to push the limits of our product some more. We decided to dial it up to 11 and indexed a data set of 100 billion synthetic AWS CloudTrail log...