Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Osquery tutorial: How to check disk encryption on Mac, Linux, and Windows

As user-driven security expands, the need for securing user-managed systems grows. Disk encryption is an essential and straightforward way to shore up user security.

Osquery tutorial: Assessing Chrome extension permissions

In a previous tutorial, we discussed gathering software inventory, including Chrome extensions.

Knowing what you have is half the battle. But once you know what you have, how do you decide what you should keep?

How to use Uptycs’ audit and detection features during BootHole remediation

SecOps and IT administrators have seen plenty of information regarding the GRUB2 BootHole vulnerability. In addition to BootHole, several low to moderate vulnerabilities were also discovered and fixed. While a key recommendation for mitigation is to install OS updates and patches, vendor patches should be carefully tested and incrementally applied to vulnerable assets. Updating the Secure Boot Forbidden Signature Database (dbx) has caused issues in the past. Initial GRUB2 patches from Red Hat caused boot issues for some RHEL and CentOS machines.

The 4 tenets of an integrated security program

Implementing an integrated security program requires diligence and foresight. You have to balance current needs while anticipating future security scenarios.

Osquery tutorial: Gathering software inventory

Gathering software inventory is an important part of security and systems management. There’s a good reason software inventory is No. 2 in the list of CIS Critical Controls!

Addressing critical Windows DNS Server remote code execution vulnerability CVE-2020-1350

Microsoft released multiple security updates on Tuesday, July 14, including one for a remote code execution vulnerability for their DNS server.
