Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Detecting Malicious Packages in Repositories like PyPI: Using Osquery for Complete Software Inventory

Detecting Malicious Packages in Repositories like PyPI: Using Osquery for Complete Software Inventory

Many systems make installing 3rd party software incredibly convenient; from packaging systems and well loved Linux distribution tools like Debian Apt to app stores and per-language repositories. Users are also often allowed to install browser extensions or plugins, which come from their own “store” and are just another type of software. For these reasons, and without forgetting containers, maintaining a software inventory that allows you to identify dangerous packages has become harder to do, but more critical to accomplish.

[Video] Incident Investigation with Uptycs and Osquery

[Video] Incident Investigation with Uptycs and Osquery

 

This video features Pat Haley, our Principal Sales Engineer, walking through the strengths and challenges of osquery, how osquery can be used for incident investigations, and how Uptycs can add value to an osquery deployment of any size.

Cloud Security: Knowing the Basics

Cloud Security: Knowing the Basics

Cloud computing is a $136 billion industry, and it continues to grow. As consumers become more technology-savvy, individual use of cloud services enters the realm of convention. Cloud migration is picking up speed because it introduces cost-effective and flexible services into a previously expensive technological sphere. However, cloud computing also gives rise to new security challenges.

Building a Zero Trust Network (and where osquery fits) - GitLab’s Real Life Roadmap Recap

Building a Zero Trust Network (and where osquery fits) - GitLab’s Real Life Roadmap Recap

Kathy Wang, GitLab’s Sr. Director of Security, and Philippe Lafoucrière, a distinguished GitLab Engineer, recently presented “Towards Zero Trust at GitLab.com” at Google’s Cloud Next ‘19 event.

Checking MDS/Zombieload Mitigations on macOS with Osquery

Checking MDS/Zombieload Mitigations on macOS with Osquery

As a part of a pretty crazy week (Microsoft/RDS, Apple/Mojave/High Sierra, Adobe Acrobat/ Flash Player) when it comes to security updates, some new speculative execution vulnerabilities were disclosed and fixed.

Remote Desktop Vulnerabilities: Identifying the Exposure and Patch Using Osquery

Remote Desktop Vulnerabilities: Identifying the Exposure and Patch Using Osquery

[Updated March 11th] This article was written in May 2019 and updated in June 2019. We are updating it again, as CVE-2020-0796 is now public, and has not been patched yet.

CVE-2020-0796 is a remote code execution bug in Microsoft’s SMB (file sharing) server.

Expect attacks targeting this vulnerability soon. Use the queries in this article to find machines with port 445 exposed to the Internet.

Page 9 of 16: