Windows Registry & Osquery: The Easy Way to Ensure Users are Secured

The Windows registry is full of information, and with the proper tools, can be a gold mine for attackers and defenders alike. Attackers look to find specific configurations, credentials, or any information that can help them further attack systems…

One Year Later: Ensuring Windows is Protected from Meltdown+Spectre

2018: The year of speculative execution bugs
A year ago, in January 2018, three hardware vulnerabilities known as Meltdown, Spectre Variant 1, and Spectre Variant 2 were disclosed to the public.
Although disclosure was supposed to occur on January…

3 Reasons Osquery Should Be On Every Incident Responders Christmas List

2018 marks the first full year in which Uptycs, the company created to bring Facebook’s open source osquery agent to widespread commercial adoption, has had its turnkey security analytics platform in the market. As can be expected of any sta…

Hunting for Evil Launch Daemons – Identifying Suspicious Behavior with Osquery

Last week, Malwarebytes posted an article highlighting new malware discovered by John Lambert (Microsoft), Patrick Wardle (Objective-See and Digita Security) and Adam Thomas (Malwarebytes), and sure enough, persistence using launchd is still a com…

Vulnerabilities in SSD Encryption: Using osquery to Identify Vulnerable Windows Machines

Dark Reading and Forbes, among various other sources, have recently reported that Windows computers using the hardware encryption feature of many different types of solid-state drives (SSDs) are vulnerable to attacks that defeat it completely…

Free Osquery Training Course Now On-Demand

I’m excited to share that we have just released free online training to introduce you to osquery. Our goal was to combine quick setup and hands-on labs with complete accessibility, so that anyone who wanted to give osquery a try, could.
The …

Research Report Evaluates Osquery’s Role in Upending Endpoint Security [Complimentary Copy]

451 Research, a global research advisory firm, recently published their first market insight report covering osquery. The report, “Uptycs emerges from stealth betting on SQL-based osquery for upending endpoint security” acknowledges th…

Deploying Osquery at Scale: A Comprehensive List of Open Source Tools

According to the official osquery docs, osquery (os=operating system) is an operating system instrumentation framework that exposes an operating system as a high-performance relational database. Using SQL, you can write a single query to explore a…

How osquery helps secure your cloud with these two critical CIS Benchmark controls

Two of the 6 basic security controls, according to the Center for Internet Security, are focused on the current state of your assets. Assessing the state of your assets has been a priority for years, but the old means aren’t as effective in …