Skip to main content

vast limits GmbH and uberAgent are now part of Citrix, a business unit of Cloud Software Group. Learn more at Citrix.com.

Release

Announcing uAQL Studio: Build & Test Threat Detection Rules

  • by Helge Klein
  • March 2, 2022

We’re happy to announce the public release of uAQL Studio, our new free online tool to learn, build and test uberAgent ESA Threat Detection rules.

What Are Threat Detection Rules?

Threat Detection is at the heart of uberAgent ESA’s endpoint security analytics functionality. When a Threat Detection rule matches a risky process, an unusual network connection, or similar activity, uberAgent ESA creates an event in your SIEM (e.g., Splunk). Threat Detection’s comprehensive, extensible ruleset is powered by uAQL, a feature-rich query language that is both easy to read by humans and fast to process by computers.

uAQL: a Query Language for System Activity Tracing

Have you ever looked at some XML and thought: “now that’s the type of code I’d like to work with every day of my professional career”? Exactly. That’s why we developed uAQL, a query language that combines the best and most intuitive aspects of popular scripting languages.

uAQL Studio: an IDE for uAQL

Every programming language needs an integrated development environment (IDE). In other words: an application that combines a modern editor (think syntax highlighting and code completion) with an execution environment to test and run your code. uAQL Studio is exactly that: an IDE for uberAgent ESA Threat Detection rules.

Getting Started With uAQL Studio

Nothing could be easier. Take a look at this walkthrough first. Then head over to uAQL Studio and try it for yourself. Let us know what you think!

About uberAgent

The uberAgent product family offers innovative digital employee experience monitoring and endpoint security analytics for Windows and macOS.

uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.

uberAgent ESA excels with a sophisticated Threat Detection Engine, endpoint security & compliance rating, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.

About vast limits

vast limits GmbH is the company behind uberAgent, the innovative digital employee experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.

Comments

Your email address will not be published. Required fields are marked *