The Premier Osquery Resource Hub: Curating the Best Tools & Information

Blog Author
Amber Picotte

Progress in open source projects thrives on the sharing of information. Yet even with the best of intentions, much of the learning can still be considered tribal knowledge, traded between small groups of closely connected individuals. While the osquery project certainly isn’t immune to this, the community has absolutely benefited from a passionate and growing base of users, developers, contributors and tinkerers who are dedicated to documenting and sharing what they’ve learned.

The QueryCon event, presented this year by Kolide, Trail of Bits and Carbon Black, is just one great example of this. At Uptycs, we’re trying to do our part by providing a completely free intro to osquery training that’s available online anytime. We’ve also been offering free in-person osquery workshops during security-focused events. Some of those upcoming live opportunities are:

  • SANS Security West, San Diego, May 9th
  • HackMiami, Miami, May 18th
  • AWS re:Inforce, Boston, June 24th

In addition, there are many individuals, like Matt Jane, Chris Long, Mike Arpaia, Josh Brower, Guillaume Ross, Craig Huber, Javier Ruiz, and the Airbnb & Netflix engineering teams (just to name a few), who are speaking at conferences, writing blog articles and actively sharing their knowledge.

In an effort to capture and consolidate some of this great effort, today we’re launching an Osquery Resource Hub to make it easier to access this communal knowledge. The Osquery Resource Hub is curated by hand with the goal of offering a one-stop experience of the most popular, up-to-date, accurate osquery resources, written by a variety of subject matter experts and end users. The content selected attempts to cover as many operating environments as possible, and can be filtered to narrow in on what is most relevant for a particular user. New content will be added frequently, and irrelevant items pruned periodically as the project evolves.

Our interactive osquery resource hub filtering for MacOS threat hunting content.

If you have a great piece of osquery-related content we’ve missed, please leave a comment below and tell us how it helped, or what it taught you, so we can consider adding it to the hub.