Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Security Insights for Linux, macOS and Containers | open-source

[Infographic] macOS Native Security Configurations and osquery

[Infographic] macOS Native Security Configurations and osquery

Be it for macOS or my dog eating out of the trash, there is no such thing as a bullet-proof security policy. It’s all about creating a threshold of standards- something to work off of while simultaneously reducing overall risk (you know, like storing your trash can on the counter, for example).

Performant Osquery – Enterprise-grade Osquery at Scale Considerations

Performant Osquery – Enterprise-grade Osquery at Scale Considerations

In this blog post I’ll cover osquery’s ability to provide performant behavior and its capabilities to excel at enterprise grade requirements. Many observations covered in this blog will highlight various capabilities of osquery that should aid in your journey toward an enterprise-grade osquery deployment.

Osquery Security Use Cases and Solutions

Osquery Security Use Cases and Solutions

Osquery has become a popular source of instrumentation for a wide variety of use cases. On github security showcase, it is currently among the top most popular open source security projects. Given the popularity, a recurring question is what use cases can one address with osquery in an enterprise environment?

Checking MDS/Zombieload Mitigations on macOS with Osquery

Checking MDS/Zombieload Mitigations on macOS with Osquery

As a part of a pretty crazy week (Microsoft/RDS, Apple/Mojave/High Sierra, Adobe Acrobat/ Flash Player) when it comes to security updates, some new speculative execution vulnerabilities were disclosed and fixed.

Threat Hunting with Osquery: 5 macOS Malware Techniques & How to Find Them

Threat Hunting with Osquery: 5 macOS Malware Techniques & How to Find Them

This previous blog post explored ways to use osquery for macOS malware analysis. Using the same methodology introduced there, we analyzed five additional macOS malware variants and recorded their behavior to understand the techniques they used. Below, you’ll find the techniques used by Calisto, Dummy, HiddenLotus, LamePyre and WireLurker. Read on to explore how to translate the techniques used by these malware into queries you can run to hunt for the active presence or historical artifacts using osquery.

The First Curated Osquery Resource Hub

The First Curated Osquery Resource Hub

Progress in open source projects thrives on the sharing of information. Yet even with the best of intentions, much of the learning can still be considered tribal knowledge, traded between small groups of closely connected individuals. While, the osquery project certainly isn’t immune to this, the community has absolutely benefited from a passionate and growing base of users, developers, contributors and tinkerers that are dedicated to documenting and sharing what they’ve learned.

Page 1 of 3: