Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

3 useful ways osquery can help with security compliance

You may not realize it, but osquery can make security compliance a little easier.

Fast and secure remote investigation with goquery and Uptycs

Imagine you’re a security analyst working remotely and you see something is amiss with a machine in your fleet. SSH isn’t an option because it expands the attack surface. Plus, there’s no guarantee the machine you need to investigate is even accessible through SSH. What do you do?

Good news: Uptycs Series B funding

I’m excited to share that we’ve raised $30M in Series B funding led by Sapphire Ventures. This is a significant milestone for Uptycs. Jai Das from Sapphire Ventures led the round with participation from existing investors Comcast Ventures and ForgePoint Capital. It was an oversubscribed round with no room for additional investors. This serves as a testament to our strong customer relationships, our current success as a venture, and the excitement around the space of SQL-powered security analytics.

Osquery and JA3: Detecting Malicious Encrypted Connections Locally

Network traffic encryption is increasing. This increase is driven by demand for privacy protection and the availability of great services for deploying certificates for free. According to Google’s Transparency Report, 88% of web traffic performed on Chrome for Windows is encrypted, and that number is higher for macOS, Android, and ChromeOS. The encryption trend is even clearer when you look at the percentage of HTTPS browsing time in the Transparency Report. At the same time, malware is also following this trend, as the increased security allows attackers to evade some detection mechanisms.

Harnessing the AWS Nitro Architecture to Encrypt Inter-Node Traffic in Kubernetes

Kubernetes nodes – the machines responsible for running your container workloads – can come in a number of shapes, sizes, and configurations. One common deployment pattern, however, is a lack of in-transit encryption between them.

Another common deployment pattern? Lack of TLS support on the container workloads themselves. After all, who wants to set up and manage a PKI (Public-Key Infrastructure) and a private CA (Certificate Authority) for tens or hundreds of microservices, and get the certificates to be trusted by all workloads? I don’t know about you, but that doesn’t sound like a lot of fun to me.

SOC 2 Compliance Requirements: Essential Knowledge For Security Audits

For many security-conscious businesses looking for a SaaS provider, SOC 2 compliance is a minimal requirement. Unfortunately, many providers aren't sure how to implement SOC 2 compliance requirements, as they are inherently vague.
