Free Osquery Training Course Now On-Demand

Posted by Doug Wilson on 10/18/18 8:35 AM

I’m excited to share that we have just released free online training to introduce you to osquery. Our goal was to combine quick setup and hands-on labs with complete accessibility, so that anyone who wanted to give osquery a try could.


Topics: open-source, osquery, osquery tutorial

Research Report Evaluates Osquery’s Role in Upending Endpoint Security [Complimentary Copy]

Posted by Harry Hayward on 10/4/18 8:43 AM

451 Research, a global research advisory firm, recently published their first market insight report covering osquery. The report, “Uptycs emerges from stealth betting on SQL-based osquery for upending endpoint security,” acknowledges the growing impact the universal open source agent is having in the security market.


Topics: osquery, Insider, open-source

Deploying Osquery at Scale: A Comprehensive List of Open Source Tools

Posted by Harry Hayward on 9/13/18 8:31 AM

According to the official osquery docs, osquery (os=operating system) is an operating system instrumentation framework that exposes an operating system as a high-performance relational database. Using SQL, you can write a single query to explore any given data, regardless of operating system. (more on osquery basics here)


Topics: osquery

How Osquery Helps Secure Your Cloud with These Two Critical CIS Benchmark Controls

Posted by Matt Hathaway on 9/6/18 9:09 AM

Two of the 6 basic security controls, according to the Center for Internet Security, are focused on the current state of your assets. Assessing the state of your assets has been a priority for years, but the old means aren’t as effective in modern infrastructure as they were on legacy systems. These two critical controls - Continuous Vulnerability Management and Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers - are a foundational part of any security program, but you’ll run into implementation challenges if you simply drag legacy tools into a cloud environment. That’s why osquery, a lightweight and cloud-friendly universal agent, is quickly becoming the go-to for helping to secure cloud workloads, in part through the effective application of these two critical controls. Let’s explore how.


Topics: CIS Benchmark, osquery, continuous monitoring, cloud monitoring, cloud security

How Osquery Will Change The Fragmented Security Market

Posted by Ganesh Pai & Amber Picotte on 8/30/18 9:42 AM

The Current State of Enterprise Security: Fragmentation and Fatigue

In a recent blog post, we discussed some of the issues with proprietary agents and the challenges they pose to enterprises. For example, most security solutions deploy separate and proprietary agents for audit/compliance, threat detection, vulnerability detection and incident response.


Topics: osquery, system architecture

Secret Agent Mess

Posted by Amber Picotte on 8/28/18 8:15 AM

While endpoint agents have always tried to be the eyes and ears for security, an overabundance of them may be degrading security rather than improving it. A 2017 survey from Barkly and Ponemon Institute finds that companies have as many as seven different agents running on each endpoint, while at the same time, three out of four report still having difficulty managing endpoint risk. Other security solutions require agents for compliance, data leakage, vulnerability and patch management, network security solutions, systems management, and more. The industry has gone agent crazy, it seems, resulting in significant performance issues, escalating licensing costs, conflicts with other services running on the endpoints, maintenance headaches, difficulties for upgrades and certification issues, and more. 


Topics: osquery, opinion

Black Hat USA 2018: Targeted Threat Hunting, Managed Everything, Serverless Security and Other Trends

Posted by Matt Hathaway on 8/20/18 8:38 AM

Quenching your thirst in the desert is a major challenge, but seeing everything at BSides Las Vegas and Black Hat is even more difficult.

While I am there every year, hydrating, I try to take note of the innovation I see. Luckily, the Black Hat team has named Innovation City to make it a little easier on me, so I started there and walked the full business hall to ask questions and listen. This year, I took note of a few key themes.


Topics: Insider

Intro to Osquery: Frequently Asked Questions for Beginners

Posted by Amber Picotte on 7/17/18 6:52 AM

There is a growing and passionate community around osquery, actively sharing information and perspective, answering questions, exposing challenges and dispelling misconceptions. Even so, learning the basics as you're getting started requires a lot of piecing together bits of wisdom (i.e., Googling + Reading + Networking). The intention of this post is to a) curate some of the great content from the community, b) organize it to cover common questions for beginners, and c) incorporate some of what we've learned over the past three years through the Uptycs journey. If you like it, and it is helpful, throw a comment down below or let us know on Twitter and we'll create a more advanced FAQ next time around.


Topics: osquery

Composing Defences: The Case for Building Defence in Height

Posted by Andy Ellis on 7/12/18 7:27 AM

Often, in the information security community, we bandy about terms like “defence in depth” or “layered defences.” Most of the time, it’s just a platitude for “buy more stuff.” It’s worth exploring the way these terms evolved, and how we should think about defensive architectures in the world defined not by physical space, but by network connectivity.


Topics: CSO Insights

Reflecting on Uptycs Series A Milestone

Posted by Ganesh Pai on 6/19/18 9:14 AM

Today, we announced our $10M Series A funding led by ForgePoint Capital and Comcast Ventures. Read the press release here. 

Three years ago a conversation - over coffee and in the company of my co-founders – changed the trajectory of my entrepreneurial journey. We were discussing how fragmentation is a major problem in the cyber security industry. What do I mean by fragmentation?  Just take a look at the exhibit floor at RSA Conference and observe the ever-growing sea of vendors offering point solutions, each with their own agent collecting relevant data and covering only a portion of what is needed to achieve good cyber hygiene. The vast majority of these solutions are closed and proprietary, and only extensible by convincing the solution vendor to add some new features to its product roadmap, which could take many months or even years. Within a category, each vendor claims theirs is the best.  But based on what, the security credentials of the founders and technical leadership team?  You can’t look inside the products to see what is going on. It’s more of a “trust me, I know what I’m doing.”  Adding to the problem is that each solution comes with its own UI and threat intelligence, and doesn’t easily share data with other solutions, except through a third solution, typically a SIEM.


Uptycs Blog | Cloud Security Trends and Analysis

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you'll enjoy our blog enough to subscribe, share and comment.
