Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Using Augeas with osquery: How to access configuration files from hundreds of applications

Osquery is a powerful tool that allows you to investigate and monitor a myriad of endpoint activity, status, and configuration information through a unified SQL interface. Inside osquery, there's typically a 1:1 correspondence between a source of information and the SQL table you can use to browse or search this information. Some sources of information include parts of the /proc file system, API calls to container daemons, reading logs or status files on disk, and event streams coming from the Linux audit frame.

Osquery tutorial: How to check disk encryption on Mac, Linux, and Windows

As user-driven security expands, the need for securing user-managed systems grows. Disk encryption is an essential and straightforward way to shore up user security.

Osquery tutorial: Assessing Chrome extension permissions

In a previous tutorial, we discussed gathering software inventory, including Chrome extensions.

Knowing what you have is half the battle. But once you know what you have, how do you decide what you should keep?

Osquery tutorial: Gathering software inventory

Gathering software inventory is an important part of security and systems management. There’s a good reason software inventory is No. 2 in the list of CIS Critical Controls!

macOS Bundlore: Is New Code Being Tested in Old Adware?

macOS Bundlore is one of the most popular macOS adware installers. It comes either bundled with pirated applications or from the web, prompting users to install or update Flash. Though the majority of browsers now have limited support for Flash, it is still a favorite mechanism for infecting systems.

Deploying osquery for Windows Using GPO (Group Policy Objects)

We are asked quite often if deploying the osquery agent is possible via Windows Group Policy Objects (GPOs). 
