Latacora’s security tooling approach involves collecting and analyzing data from read-only APIs to identify security issues and misconfigurations in client infrastructure. The company leverages its data collection methods to support future incident response and forensics. A key challenge faced was needing a performant way to analyze data and ask complex questions. The use of Datomic, a database that stores information as immutable atomic facts and supports various access patterns using Datalog, plays a crucial role in their data architecture. Latacora’s approach, inspired by Clojure, involves extracting and storing unique information efficiently in snapshots, allowing for interconnected data analysis and improved security insights.
https://www.latacora.com/blog/2024/09/13/datomic-and-content-addressable-techniques/