Progress in open source projects thrives on the sharing of information. Yet even with the best of intentions, much of the learning can still be considered tribal knowledge, traded between small groups of closely connected individuals. While, the osquery project certainly isn’t immune to this, the community has absolutely benefited from a passionate and growing base of users, developers, contributors and tinkerers that are dedicated to documenting and sharing what they’ve learned. The QueryCon event, presented this year by Kolide, Trail of Bits and Carbon Black, is just one great exampleof this. At Uptycs, we’re trying to do our part by providing a completely free intro to osquery training that’s available online anytime. We’ve also been offering free in-person osquery workshops during security focused events. Some of those upcoming live opportunities are:
- SANS Security West, San Diego, May 9th > Register Here
- HackMiami, Miami, May 18th > Register Here
- AWS re:Inforce, Boston, June 24th > Register Here
In addition, there are many individuals like Matt Jane, Chris Long, Mike Arpaia, Josh Brower, Guillaume Ross, Craig Huber, Javier Ruiz, the Airbnb & Netflix engineering teams, (just to name a few) who are speaking at conferences, writing blog articles and actively sharing their knowledge.
In an effort to capture and consolidate some of this great effort, today we’re launching an Osquery Resource Hub to make it easier to access this communal knowledge. The Osquery Resource Hub is curated by hand with the goal of offering a one-stop experience of the most popular, up-to-date/ accurate osquery resources, written by a variety of subject matter experts and end users. The content selected attempts to cover as many popular use cases in as many operating environments as possible, and can be filtered to narrow in on what is most relevant for a particular user. New content will be added frequently, and irrelevant items pruned periodically as the project evolves.
If you have a great piece of osquery related content we’ve missed, please leave a comment below and tell us how it helped, or what it taught you so we can consider adding it to the hub.