Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

[LISTING CONTENT]

3 Cloud Computing Security Issues & How To Get Them Under Control

3 Cloud Computing Security Issues & How To Get Them Under Control

Businesses are enthusiastically adopting cloud computing as a cost-saving technology, and it’s no wonder, the business case for cloud technology speaks for itself: reduced asset depreciation, remarkably agile resources that can scale up or down within minutes, and fewer staff to maintain it. Unfortunately, this is only part of the picture.

3 Reasons Your CSIRT Needs Osquery

3 Reasons Your CSIRT Needs Osquery

2018 marks the first full year in which Uptycs, the company created to bring Facebook’s open source osquery agent to widespread commercial adoption, has had its turnkey security analytics platform in the market. As can be expected of any startup that launches a new ground-breaking product, it has been an exciting year, full of anticipation, unprecedented interest, and challenging work as we tweaked and tuned the product to optimize it for what our customers needed it to do.

Securing Containers: Using osquery to Solve New Challenges Posed by Hosted Orchestration Services

Securing Containers: Using osquery to Solve New Challenges Posed by Hosted Orchestration Services

It is not often that one runs into situations that so purely fit a classic stereotype. Securing and monitoring Docker containers happens to be one of those conundrums that is a textbook example of a “damned if you do and damned if you don’t” setup. On the surface, securing and monitoring containers seems like a straightforward affair – treat containers like mini virtual machines, and run your security/monitoring agents in each container; or, treat them like processes running on the host OS, and run your security/monitoring agents on the host OS. Sounds simple enough. However, both options run into some surprisingly natty difficulties. 

Does osquery violate GDPR rules around Personally Identifiable Data (PII)?

Does osquery violate GDPR rules around Personally Identifiable Data (PII)?

AHHHH! GDPR day is upon us!

If you've used a service or signed up for anything ever in your life then you've surely noticed the onslaught of "Terms of Privacy Update" emails over the last couple of days. That could only mean one thing: GDPR implementation day has finally arrived! But for all the unavoidable noise around GDPR, we couldn't help but notice a lack in any advice or documentation about osquery and its link to Personally Identifiable Information (PII) -- a focal area in the GDPR regulation (here's a "handy" 100 page reference guide on GDPR). So, let's get right to it then.

Wildcards and globbing in osquery

Wildcards and globbing in osquery

Filepath globbing (filename patterns with wildcards) support in osquery has regularly been a source of confusion, frustration, and lost time. You can certainly explore the wildcarding system in these osquery docs, but it is hoped that the notes below will help shed light on how globbing in osquery actually works to help save you some grief.