Archive for Abstract Security

Abstract Security Delivers 4X Operational Efficiency at Juul Labs

Posted in Commentary with tags on July 9, 2025 by itnerd

Abstract Security, the leader in streaming-first security data operations, today announced Juul Labs, a leader in consumer electronics manufacturing, as a new customer.  

In an industry long burdened by operational complexity and rising costs, Juul Labs is transforming its approach to cybersecurity and IT infrastructure. Under the leadership of Pablo Quiros, VP & Global Head of Security and Information Technology / CISO, the company has quickly improved its security posture by using modern platforms including Abstract Security to get real-time visibility, reduce complexity, and empower the existing teams so they can focus on real threats without noise. 

When Pablo Quiros joined Juul Labs, the company faced a complex and fragmented security environment. With a lean, high-impact team and no room for complexity, Quiros recognized the need for a solution that could provide powerful security capabilities without requiring a massive headcount or heavy operational lift.  

Security Without Compromise: Innovation at Speed and Scale 

After evaluating the market, Juul Labs chose Abstract Security for its modern approach to security operations. With built-in data pipelines, streaming threat detections, and native cold storage through LakeVilla, Abstract is designed from the ground up to cut complexity, speed up response, and boost team efficiency — all without the overhead of traditional solutions.

Immediate Impact, Measurable Gains 

With Abstract, Juul Labs now enjoys:  

  • Full visibility across its entire attack surface – Juul now has “full understanding of our attack surface — who, what, where, when, and why.”  
  • 4x engineering efficiency — “What previously took four days can now be done in a single day, freeing up engineering time for high-value tasks,” said Quiros. 
  • Projected 75% infrastructure savings – Juul expects infrastructure costs to drop by up to 75% over the next year as legacy systems are phased out.  

A Platform for What’s Next – Rethinking Security for Modern Architecture

Juul Labs is now expanding its use of Abstract Security to include advanced analytics, which enables its team to increase capacity without increasing headcount.  

Quiros sees Abstract Security as more than a platform — it’s a strategic partner. “We like that Abstract is young and responsive. We feel like we have a voice in shaping where the product goes.”   

Read more about Juul Labs’ story here: www.abstract.security/blog/how-juul-labs-rebuilt-its-security-operations-using-abstract.

Abstract Security Launches LakeVilla: Scalable, Searchable, and Cost-Efficient Cold Storage for Security Telemetry

Posted in Commentary with tags on June 24, 2025 by itnerd

Abstract Security, the leader in streaming-first security data operations, today announced the release of LakeVilla, a cloud-native cold storage solution built for long-term security telemetry retention that delivers compliance-ready, highly accessible storage at a fraction of SIEM costs—without compromising on performance or accessibility.

Fully integrated into the Abstract Security Platform, LakeVilla enables organizations to retain and replay years of security data—instantly searchable and seamlessly usable across detection, investigation, and compliance workflows. LakeVilla provides: 

  • Instant Searchability Without Rehydration: Data is always query-ready—no rehydration, no delays, no hidden fees. 
  • Replay on Demand for Deeper Insights: Replay archived data through live workflows to uncover missed threats and refine detection. 
  • Cost Savings at Enterprise Scale: Reduce storage costs by sending only frequently accessed, high-touch data to analytics engines—while routing the rest to LakeVilla for affordable, always-available retention. 
  • Seamless Integration with Abstract Pipelines: Removes redundant ingestion steps and ensures seamless data flow from real-time detection to long-term storage. 
  • Cloud-Native Flexibility and Vendor-Neutral Design: Supports AWS, Azure, and GCP cloud object storage—giving organizations the flexibility to store data where they already operate with built-in flexibility to migrate without hassle and avoid vendor lock-in. 

Why Have a Lake House When You Can Have a Lake Villa!

While data lake architectures are often bloated, costly, and slow to access, Abstract Security’s LakeVilla is different: purpose-built for security, optimized for speed, and seamlessly integrated with the tools teams already use. It’s not just a storage location—it’s an operational asset. 

Availability 

LakeVilla is available now for all Abstract Security customers in both hosted and private cloud deployments. To learn more, check out the LakeVilla blog. 

Abstract Security Launches ASTRO (Abstract Security Threat Research Organization) Pioneering the Next Frontier in Cyber Defense

Posted in Commentary with tags on April 22, 2025 by itnerd

Abstract Security today announced the launch of ASTRO (Abstract Security Threat Research Organization), aimed at redefining how companies detect, understand, and counter the most sophisticated cyber threats of the 21st century. ASTRO was formed by a coalition of cyber defenders, threat hunters and incident responders who have spent decades responding to real-world incidents.

ASTRO provides high-powered capabilities to customers across the Abstract Platform by:

  • Delivering Filtering, Aggregation, Transformation and Enrichment actions (FATE) to surface the signals that matter most, empowering analysts, defenders, and cyber operations teams to move faster and smarter.
  • Embedding Abstract Security Engineer (ASE), the company’s advanced intelligence engine, with the team’s expertise to empower security analysts. Abstract utilizes the latest advancements of GenAI, machine learning, expert systems and automation for this critical capability.
  • Detecting the latest risks and threats with Abstract’s Streaming Threat Detection Engine with criteria covering the entire attack surface of Cloud, SaaS, Network and Endpoint.
  • Integrating data sources and destinations with Abstract Security’s Platform, to collect the most relevant events, context and data to provide the most complete situational awareness.

Members of Abstract’s ASTRO team have played pivotal roles in the evolution of threat intelligence and response, from beginning their careers at organizations such as CERT.org and NCFTA to holding leading positions at Equifax, Blackberry, Palo Alto Networks Unit 42, the Secureworks Counter Threat Unit, Sumo Logic, and Anomali. This collective experience fuels ASTRO’s mission “to protect the future by pioneering all-source data, threat, detection, and response analytics across today’s most critical environments.”

Abstract’s ASTRO team gives customers insight into the thousands of IoT/smart devices that connect to the network, plus the entirety of their SaaS applications, so that they can detect everything that is happening and locate bad actors and nefarious activity. ASTRO embeds the Abstract Security Engineer (ASE) technology to make use of GenAI and machine learning, and provides expert systems and automation to train ASE with the team’s vast experience in all things cybersecurity.

For additional insight, please see ASTRO’s latest blog: The Invisible Enemy: Unmasking Microsoft 365’s Logging Blind Spots.

Industry Leaders Collaborate on Abstract Security’s Vendor-Agnostic eBook, “Applied Security Data Strategy”

Posted in Commentary with tags on March 24, 2025 by itnerd

In today’s hyperconnected world, cybersecurity professionals face an unprecedented challenge: managing an overwhelming flood of security data. According to recent research by the Enterprise Strategy Group (ESG), nearly half of cybersecurity and IT professionals say handling security data has become significantly more difficult in just the past two years. With every endpoint, server, application, and network device generating endless streams of logs and alerts, security teams are caught in a rat race—drowning in information yet struggling to detect and mitigate real threats efficiently.

The root cause is an expanding attack surface driven by cloud adoption, remote work, and the rapid proliferation of IoT devices. This ever-evolving threat landscape results in fragmented data sources, performance bottlenecks, and compliance challenges. Most organizations rely on multiple security repositories such as SIEM, XDR, NDR, and EDR platforms—creating visibility gaps and making security operations more complex than ever.

Abstract Security, along with several other industry-leading authors, has published an eBook entitled Applied Security Data Strategy. The book contains chapters including:

  • Data: The New Oil, Refining the Future
  • Data Discovery
  • Data Collection & Ingestion
  • Data Processing
  • Data Storage
  • Data Analysis
  • Data Reporting
  • Data Governance and Security
  • Understanding Common Data Platforms and Tools
  • Time to Build Your Own Security Data Fortress

Industry authors include:

  • Alan Czarnecki
  • Alex Gilelach
  • Ryan Moon
  • Matt Carothers
  • Paul Keim
  • Don Mallory
  • Greg Olmstead
  • Jon Oltsik
  • Justin Borland and Aqsa Taylor from Abstract

You can have a look at the eBook here.

Abstract Security Joins Forces with Analytica42

Posted in Commentary with tags on December 16, 2024 by itnerd

Abstract Security announced today that it has partnered with Analytica42 to help organizations easily integrate their data sources with the Google SecOps platform for analytics and storage. With the new integration, Abstract Security makes it easier for customers to migrate to Google SecOps through its pipeline management features, which ease the burden of data management and route quality data to the platform.

Abstract provides over 100 integrations for data sources with industry-leading vendors out of the box, in addition to threat intel feeds and its own in-house ASTRO threat feed. This comprehensive ecosystem enables customers to blend their unique security data with valuable threat intelligence and insights, significantly enhancing their overall security posture and enabling more informed decision-making. Further, Abstract offers customers a fully hosted solution on Google Cloud Platform or the flexibility to deploy into their own cloud environments, giving them complete control over their cybersecurity infrastructure.

Abstract’s security operations platform delivers analytics that quickly correlate data and deliver actionable insights at the business level, ensuring security teams can focus on what matters most. With Abstract’s data pipeline management tool, customers benefit from Abstract’s ability to decouple data sources from data destinations and normalize the data in real time before it reaches a destination. Through this tool, Abstract removes that dependency and makes data easily routable to any destination, which saves time and money on data storage.

Abstract has chosen to work with Analytica42 as a global delivery partner to ensure that the transition to a new environment is seamless with as little disruption as possible.

Analytica42 offers many years of experience in the integration and migration of security tools to and from a wide range of SIEMs. This enables customers to unlock their SIEM’s full potential, ensuring faster detection, quicker response times & more streamlined workflows. Rather than simply adopting a one-size-fits-all approach, Analytica42 takes the time to understand the specific requirements, utilizing a comprehensive, pre-built library of use cases alongside more bespoke solutions to minimize false positives & ensure you have full visibility across your security landscape.

Abstract Security Expands Multi-Cloud Security Operations Platform Deployments By Adding Google Cloud Platform

Posted in Commentary with tags on September 18, 2024 by itnerd

Abstract Security today announced it has added support for deployments within Google Cloud Platform (GCP). 

The support for GCP follows Abstract Security’s existing support for AWS and Azure. Abstract enables multi-cloud deployments of its SOC platform, deploying multiple instances of Abstract Security around the world to support data localization requirements and eliminate data transfer costs. Additionally, Abstract supports transactions through both AWS and Azure marketplaces with GCP coming soon.

Abstract Security’s SOC platform offers:

  • Seamless integration with local GCP services – Ensuring strong security coverage and visibility into GCP services. 
  • Abstract Intel Gallery – As part of Abstract’s data fabric, organizations can leverage no-code ETL to enrich events with real-time threat intelligence, enhancing detection accuracy and relevancy. 
  • Real-time streaming threat detection – Security analytics are powered by AI, enabling enterprises to stay ahead of rapidly evolving cyber threats. 
  • Compliance and data sovereignty – Providing a single search and reporting view across regional deployments, enabling compliance with data localization requirements.

Abstract has seen growing demand since emerging from stealth and announcing its Seed funding in March 2024. In April, Abstract announced the opening of its first Middle East office. In May, the company announced the addition of Christopher Key to its Board of Directors and was selected as a “Pioneering Cybersecurity Startup” winner, as part of the 2024 Global Infosec Awards.

Abstract Security Announces Launch of Abstract Intelligence Gallery

Posted in Commentary with tags on August 1, 2024 by itnerd

Abstract Security today announced the launch of Abstract Intelligence Gallery (AIG), which puts threat intelligence to work for enterprise security teams, bolstering their detection & analytics workflows without needing specialized platforms or complex management of intel data.

Abstract Security manages high quality threat intelligence through partnerships & integration for key intelligence vendors, including Silent Push, Flashpoint, Google Mandiant, CrowdStrike, Cybersixgill, Cyware, & SecLytics, enabled by the engine that drives Abstract’s streaming security fabric. In addition, customers can operationalize in-house intelligence by uploading it directly to their private Abstract Security deployment.

AIG is built on top of Abstract Security’s streaming analytics platform – enabling correlation of millions of indicators against billions of events in real time. This new capability unlocks several new use cases which will increase customers’ security posture, including: 

  • Streaming Event Correlation: Seamlessly correlates events to known adversary infrastructure, providing real time insights into security breaches.
  • Keyword Monitoring: Monitors threat intelligence feeds for patterns & keywords related to brand and executive monitoring, ensuring proactive threat awareness.
  • Unified Search and Reporting: Delivers a unified search and reporting capability across multiple intelligence providers, simplifying threat analysis and management.
  • Streaming Security Enrichment: Enriches events with real-time threat intelligence data, enhancing detection accuracy and reporting capabilities.

The Abstract Security team will be at Black Hat in Las Vegas next week to discuss this news.

Abstract Security Names Chris Camacho COO 

Posted in Commentary with tags on July 24, 2024 by itnerd

Abstract Security today announced that Chris Camacho has joined the company as Chief Operating Officer (COO). As one of Abstract’s co-founders, Camacho has been instrumental in launching and advising the company since its inception. Through his role as COO, Camacho will lead the company’s customer-first approach and spearhead its strategic global market expansion. 

A well-respected industry leader, Chris Camacho is an entrepreneur, investor, and advisor with more than 25 years of cyber security leadership experience from roles at The World Bank, Bank of America, Flashpoint, and others. Camacho has spearheaded initiatives across Operational Strategy, Incident Response, Threat Management, and Security Operations to ensure cyber risk postures align with business goals. Camacho earned a BS degree in Decision Sciences & Management of Information Systems from George Mason University.
