Free Training:
Learn the basics of osquery and SQL in this completely free training. This self-paced, instructor-led course is split into 5 pre-recorded lessons and includes everything you'll need to install osquery on a Linux virtual machine and practice SQL queries.
Sign up now for instant access.
Uptycs is offering this free osquery training as a self-paced course that will equip students with an understanding of the data that osquery can be configured to collect, the tables that data is stored in, and how to access that data using SQL and the osqueryi command-line interface. Although the course is completely self-paced, we find it can be completed in 2-4 hours given uninterrupted focus and intention. The training includes everything you'll need to install osquery on a Linux virtual machine and learn how to query a variety of data types and sources from that virtual machine by working through questions and scenarios provided by your instructor. It is perfect for Security Researchers, Security Engineers, Mac Administrators, IT Administrators and any technically minded security leaders and practitioners. No prior experience with osquery is needed. Some experience with SQL is helpful, but also not required.
Your instructor, Doug Wilson, is the Director of Security at Uptycs and has nearly twenty years of experience in InfoSec and Technology. An advocate for open tools and standards, he helped found and run OWASP DC. Learn more about Doug on Twitter, LinkedIn and the Uptycs blog.
About Osquery
Official osquery docs describe osquery (os=operating system) as an operating system instrumentation framework that exposes an operating system as a high-performance relational database. Using SQL, you can write a single query to explore any given data, regardless of operating system.
Because of its cross-environment and cross-OS compatibility (cloud, on-prem, workstation, server, container, etc.), we believe osquery holds significant promise in helping simplify the complex and fragmented security ecosystem. Open source and commercial offerings based on osquery, paired with a collaborative and open community, can help make security and monitoring accessible for companies of all sizes and teams of varying skill sets.