Milan Shah

Picture of
Milan is a serial entrepreneur with a track record of building and leading cutting edge cybersecurity technology companies. Prior to co-founding Uptycs, Milan was SVP of Products and Engineering at Core Security, where he formulated a vision for a new class of automated pen testing solutions. Milan has also served as VP of Engineering at CA Technologies and IMlogic, which was successfully acquired by Symantec. The first part of his career was spent as a member of the early Windows NT development team, and he was a key architect of Microsoft Exchange. Milan holds a Masters in EECS degree from MIT, and a Bachelors in EECS from University of Illinois, Urbana.
Find me on:

Recent Posts

3 Reasons Incident Responders Need Osquery

Posted by Milan Shah on 12/20/18 9:18 AM

2018 marks the first full year in which Uptycs, the company created to bring Facebook’s open source osquery agent to widespread commercial adoption, has had its turnkey security analytics platform in the market. As can be expected of any startup that launches a new ground-breaking product, it has been an exciting year, full of anticipation, unprecedented interest, and challenging work as we tweaked and tuned the product to optimize it for what our customers needed it to do.

Read More

Topics: osquery, incident investigation

Securing Containers: Using osquery to Solve New Challenges Posed by Hosted Orchestration Services

Posted by Milan Shah on 6/7/18 8:37 AM

It is not often that one runs into situations that so purely fit a classic stereotype. Securing and monitoring Docker containers happens to be one of those conundrums that is a textbook example of a “damned if you do and damned if you don’t” setup. On the surface, securing and monitoring containers seems like a straightforward affair – treat containers like mini virtual machines, and run your security/monitoring agents in each container; or, treat them like processes running on the host OS, and run your security/monitoring agents on the host OS. Sounds simple enough. However, both options run into some surprisingly natty difficulties. 

Read More

Topics: osquery, Docker Security, Kubernetes, containers

Does osquery violate GDPR rules around Personally Identifiable Data (PII)?

Posted by Milan Shah on 5/25/18 8:49 AM

AHHHH! GDPR day is upon us!

If you've used a service or signed up for anything ever in your life then you've surely noticed the onslaught of "Terms of Privacy Update" emails over the last couple of days. That could only mean one thing: GDPR implementation day has finally arrived! But for all the unavoidable noise around GDPR, we couldn't help but notice a lack in any advice or documentation about osquery and its link to Personally Identifiable Information (PII) -- a focal area in the GDPR regulation (here's a "handy" 100 page reference guide on GDPR). So, let's get right to it then.

Read More

Topics: osquery, GDPR

Wildcards and globbing in osquery

Posted by Milan Shah on 5/18/17 7:49 PM

Filepath globbing (filename patterns with wildcards) support in osquery has regularly been a source of confusion, frustration, and lost time. You can certainly explore the wildcarding system in these osquery docs, but it is hoped that the notes below will help shed light on how globbing in osquery actually works to help save you some grief.

Read More

Topics: osquery tutorial, osquery

Uptycs Blog | Cloud Security Trends and Analysis

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you'll enjoy our blog enough to subscribe, share and comment.

Subscribe for New Posts

Find Uptycs Everywhere

Recommended Reads