Collaborate Disseminate
Long-term cloud credentials are often scattered throughout source code, on laptops or desktops, on servers, in cloud resources and in other locations. It’s easy to copy them across machines, creating credential sprawl that increases your leakage risk…. Continue reading Reducing the Risk of Credential Leakage
by Rachel Cipkins, Stevens Institute of Technology During my summer internship at Trail of Bits I worked on osquery, the massively popular open-source endpoint monitoring agent used for intrusion detection, threat hunting, operational monitoring, and m… Continue reading Osquery: Using D-Bus to query systemd data
TL;DR: Trail of Bits has developed ntfs_journal_events, a new event-based osquery table for Windows that enables real-time file change monitoring. You can use this table today to performantly monitor changes to specific files, directories, and entire p… Continue reading Real-time file monitoring on Windows with osquery
The Uptycs Threat Intelligence team is responsible for providing a high quality, curated, and current Threat Intelligence feed to the Uptycs product. In order to deliver the threat feed, the team evaluates every single alert that is seen by our cu… Continue reading Investigating Threat Alerts with Osquery: Understanding Threat Surface & Risk
Osquery has become a popular tooling for endpoint-based security analytics. The user community is thriving and vibrant as reflected in GitHub security showcase and osquery slack channel activity. There are many organizations, large and small, who … Continue reading Announcing the osquery@scale Conference
Mozilla pushes a patch onto an Array, Netflix shares a stream of patches, Breach to bankruptcy for healthcare company, Osquery becomes a foundational tool, Avoiding DevOps dangers, and Assigning DevOps directions! News Bugs, Breaches, and More! Moz… Continue reading Osquery, Netflix, & Mozilla – Application Security Weekly #66
Engineers and developers from Facebook, Google, Trail of Bits and more to help advance osquery through neutral forum SAN FRANCISCO – June 18, 2019 –Facebook and the Linux Foundation, the nonprofit organization enabling mass innovation through open sour… Continue reading The Linux Foundation Announces Intent to Form New Foundation to Support osquery Community
QueryCon takes place this week at the Convene Conference Center in Downtown Manhattan, Thursday June 20th- Friday June 21st. If you don’t have a ticket yet, get one while you can. QueryCon is an annual conference about osquery, the open source pr… Continue reading Why you should go to QueryCon this week
System administrators use osquery for endpoint telemetry and daily monitoring. Security threat hunters use it to find indicators of compromise on their systems. Now another audience is discovering osquery: forensic analysts. While osquery core is great… Continue reading Using osquery for remote forensics
For months, Facebook has been heavily refactoring the entire osquery codebase, migrating osquery away from standard development tools like CMake and integrating it with Facebook’s internal tooling. Their intention was to improve code quality, imp… Continue reading Announcing the community-oriented osquery fork, osql