15 minutes is all you'll need to grasp a baseline view of why osquery is so powerful for incident investigation AND how Uptycs can make deploying and using osquery a near-term reality.

Join Principal Solutions Engineer, Pat Haley, as he moves through the Uptycs interface to showcase: 

  • Detection of a potential security incident
  • Triage of the initial alert based on contextual data
  • Real-time and historical investigation to understand exposure and scope

What is osquery?

Osquery is an open-source, cross-platform agent that turns your operating system into a virtual database, letting you leverage the power of the SQL language to ask anything of your system. Over 200 tables let you understand what processes are running, what users are logged in, where the machine is connected, what files are on disk and much, much more. Due to its flexibility and power, it makes an amazing tool for threat hunting, security monitoring, and even IT operations.

What is Uptycs?

Uptycs is a security analytics platform that combines the open-source osquery agent with a scalable back end, highly optimized queries, and integrated threat feeds to enable incident investigation, audit and compliance, and intrusion detection.

Are there other resources I can check out?

Yes, lots! To learn more about osquery for incident investigation, take a look at this great session from Stripe: 

Or, visit our osquery resource hub: https://www.uptycs.com/osquery-resource-hub