Content Matching
While Contextal Platform primarily focuses on metadata, relationships, and other features extracted from data by its specialized processors, there may be cases where more precise matching is required. For this purpose, the @match_pattern() function has been introduced in Contextal Platform 1.1. This feature allows for direct pattern matching right from within ContexQL query logic!
Cross-Object and Cross-Context Pattern Matching!
The results of pattern matching can be combined with other objects' characteristics and relationships, enabling functionality far beyond standard detection systems. ContexQL makes it possible to aggregate multiple matches from different objects into a single actionable scenario.
This allows for cross-object matching, where users can describe relationships between different objects' contents—something usually not achievable with traditional threat detection solutions. You can go even further by using @match_pattern() not only within the local graph but also across the global context!