Julian Wayte is a Security Solutions Engineer for Uptycs. In this role, he helps organizations architect security solutions, based on endpoint telemetry and automated workflows, to solve a variety of security use cases. Julian loves working with and teaching osquery. He has worked for 20 years in various customer-facing, technical IT roles helping organizations manage and secure their data.
What is osquery?
Osquery is an open-source, cross-platform agent that turns your operating system into a virtual database, letting you leverage the power of the SQL language to ask anything of your system. Over 200 tables let you understand what processes are running, what users are logged in, where the machine is connected, what files are on disk and much, much more. Due to its flexibility and power, it makes an amazing tool for threat hunting, security monitoring, and even IT operations.
What is JA3?
A product of Salesforce engineering, JA3 is a method to profile the way servers and clients do their SSL/TLS handshake. See more here.
How can I get some additional osquery resources?
Head over to the osquery Resource Hub for the best training, engineering, and practitioner resources from all across the web!