Linux Security Simplified: How To Make Linux More Secure (With Less Work)

Linux is a versatile operating system. Its use cases vary greatly, from hosting hundreds of containers across a complex network, to running a single desktop, to the operating systems of TVs, Android phones and most Internet of Things (IoT) devices.

Read More

Topics: linux security

Uptycs File Integrity Monitoring Solutions: Security Control, Simplified

Knowing how files are being accessed within a network, and by whom, is an important part of a security team’s global security program. But finding the right file integrity monitoring software can be a challenge, particularly when you’re managing a hybrid of cloud and on-premises infrastructure across macOS, Linux, and Windows.

Read More

Topics: file integrity monitoring solutions

[Infographic] macOS Native Security Configurations and osquery

Be it for macOS or my dog eating out of the trash, there is no such thing as a bullet-proof security policy. It’s all about creating a threshold of standards- something to work off of while simultaneously reducing overall risk (you know, like storing your trash can on the counter, for example).

Read More

Topics: osquery, macOS, mac edr, open-source, asset inventory, security hygiene

Why Real Time Threat Intelligence Isn’t Enough

Detecting security threats is difficult work, now more so than ever. Our threat intelligence tools are playing catch-up with increasingly sophisticated attack vectors, including polymorphic malware, quick-turn domains and other turn-on-a-dime attack tactics.

Read More

Topics: incident investigation, threat intelligence

[Video] Osquery and 8 macOS Security Best Practices

Read More

Building Your First Incident Response Policy: A Practical Guide for Beginners

It only makes sense to assume that sooner or later your company will have to handle a security incident and the subsequent recovery from any damage caused.

Creating an incident response policy before an incident occurs can help you minimize risk and ensure that you and your team are prepared. By planning your response ahead of time, you will be able to respond faster and more efficiently, and possibly even prevent additional damage from occurring.

Read More

Topics: incident investigation

Performant Osquery – Enterprise-grade Osquery at Scale Considerations

In this blog post I’ll cover osquery’s ability to provide performant behavior and its capabilities to excel at enterprise grade requirements. Many observations covered in this blog will highlight various capabilities of osquery that should aid in your journey toward an enterprise-grade osquery deployment.

Read More

Topics: osquery, TLS, system architecture, open-source, cloud security

Demisto & Uptycs: Orchestrating Incident Response Activities

Orchestration engines such as Demisto give security professionals the freedom to integrate multiple services into coordinated, automated workflows.  Simple REST APIs allow the transfer of data from one application or service to another in a reliable, straight-forward manner. With the appropriate data sources, users are enabled to create workflows and reports for incident investigation and response. In removing the human element, orchestration engines can improve the overall efficiency and consistency of incident response, while freeing up time for other tasks.

Uptycs leverages the open-source osquery agent in order to acquire real-time data about nearly any facet of your infrastructure (more about osquery here). This data is streamed, aggregated, and stored in the Uptycs backend and then made accessible via our API, allowing the integration of Uptycs data with other services.

Read More

Topics: incident investigation, integrations

Osquery Security Use Cases and Solutions

Osquery has become a popular source of instrumentation for a wide variety of use cases. On github security showcase, it is currently among the top most popular open source security projects. Given the popularity, a recurring question is what use cases can one address with osquery in an enterprise environment?

Read More

Topics: osquery, system architecture, open-source, cloud security

Hardening defenses with MITRE ATT&CK and osquery: Lessons from Singapore Health Breach

There's a big disconnect between best practice frameworks and the real-life nitty gritty. Many of these frameworks broadly approach the overarching principles that a robust security program should encompass and why these principles are important; however, they don't usually say specifically what kind of attacker behavior a defender should anticipate when building their security programs, nor do they detail how an attacker would work to thwart those vaulted best practices. Often, that's left up to the security practitioner to suss out themselves in their copious spare time.

Read More

Topics: incident investigation, threat hunting

Uptycs Blog | Cloud Security Trends and Analysis

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you'll enjoy our blog enough to subscribe, share and comment.

Subscribe for New Posts

Find Uptycs Everywhere

Recommended Reads