By: Adobe & BrightTalk
Webinar
Scaling Cloud Forensics & Incident Response with Osquery

Learn how the Adobe security team uses osquery to investigate large groups of infrastructure components for initial triage, basic forensic analysis, and proactive threat detection.

By: HoldMyBeer
Blog
Detecting Malicious Downloads with Osquery, Rsyslog, Kafka, Python3, and VirusTotal

We'll explore how to set up a simple logging pipeline to detect maliciously downloaded files. If this pipeline detects a malicious file, a Slack alert will be triggered.

By: Jef Spaleta, Sensu
Blog
Adding Context to your Sensu checks with Osquery

Osquery’s approach of using SQL SELECT statements to investigate the state of a system makes for an excellent way to quickly add a significant amount of context into a Sensu check.

By: Trail of Bits
Blog
How are teams currently using osquery?

Feedback from five major tech firms using osquery on use cases and challenges.

By: Uptycs
Blog
Intro to Osquery: Frequently Asked Questions for Beginners

FAQ for people considering or just getting started with osquery.

By: Kolide, Zach Wasserman
Blog
Osquery Under the Hood

Learn more about the architecture of the osquery system, how to step up your game, and contribute code.

By: Uptycs
Blog
6 Tasks for Basic macOS system monitoring with osquery

macOS system monitoring with osquery is quick and easy once you understand some SQLite commands.

By: Okta, Matt Jane
Blog
Meet the SGT, an osquery Management Server Built Entirely on AWS!

An osquery endpoint management server designed to take advantage of the native scaling, performance, and reliability of the AWS cloud environment.

By: GitHub - Facebook
External Website
Osquery Query Packs

Review and access the complete list of query packs provided for open source osquery.

By: AirbnbEng
Blog
Stream Alert: Real-time Data Analysis and Alerting

StreamAlert is a real-time data analysis framework with point-in-time alerting...

By: Brewfault, Nick Anderson
Blog
Building and deploying osquery extension on Windows

A look at how to create extensions for Windows.

By: Uptycs
Blog
Implementing TLS Persistent Transport Support in osquery

The implementation of TLS Persistent Transport Support in osquery decreases the network traffic...

By: GitHub - osquery
External Website
osquery Python Bindings

In osquery, SQL tables, configuration retrieval, log handling, etc. are implemented via a simple, robust plugin and extensions API. This project contains the official Python bindings for creating osquery extensions in Python.

By: GitHub - Kolide
External Website
osquery Go Bindings

In osquery, SQL tables, configuration retrieval, log handling, etc. are implemented via a robust plugin and extensions API. This project contains Go bindings for creating osquery extensions in Go.

By: GitHub - Trail of Bits
External Website
Trail of Bits osquery Extensions

Osquery extensions developed and maintained by Trail of Bits. Extensions add capabilities that go beyond osquery core.

By: Palantir
Blog
osquery Across the Enterprise

Incident detection and response across thousands of hosts requires a deep understanding of actions and behavior across users, applications, and devices.

By: Defensive Depth, Josh Brower
Blog
Custom Configs with Osquery MSI

Learn how to bundle your custom configs with the osquery binary and output a customized MSI.

By: Digital Ocean
Blog
How To Monitor Your System Security with osquery on Ubuntu 16.04

Install osquery on Ubuntu 16.04, use the 'osqueryi' interactive mode, and monitor a live system.

By: Kolide, Zach Wasserman
Blog
Monitoring macOS hosts with osquery

While Windows has a mature market for host instrumentation products, the options on macOS have been severely limited.

By: Uptycs
Blog
Mac Malware Analysis Using Osquery

Osquery is a highly effective means to analyze malware across macOS, Linux, and Windows. In this blog post, we use OSX/Dummy as an example to analyze malware by collecting events data via osquery.

By: LinuxFest Northwest
Video
Using Osquery Via Fleet for Client/Server Visibility

Fleet visibility with osquery and other f/oss tools

By: Uptycs
Video
macOS Administration

Using SQLite to ask osquery about inventory, disk encryption, remaining storage, active logins and more.

By: Facebook Code, Mike Arpaia
Blog
Introducing osquery

The introduction of osquery to the open source community by Facebook

By: Uptycs
Training
Free Course: Intro to Osquery

Learn osquery for free in this instructor led video tutorial series.

By: Osquery.io
External Website
Osquery: Read the Docs

Explore official project documentation from getting started to advanced configs.

By: 451 Research
Research Report
Uptycs emerges from stealth betting on SQL based osquery for upending endpoint security.

Fernando Montenegro, Senior Analyst at 451 Research offers his view of osquery, its potential and risk in the security market.

By: Uptycs
Blog
Deploying Osquery at Scale: A Comprehensive List of Open Source Tools

An open source tools guide for deploying osquery at scale.

By: Osquery.io
External Website
Osquery Schema

Explore tables and data structure of open source osquery by version.

By: Uptycs
Blog
How osquery will change the fragmented security market

Proprietary, agent-based solution silos have created a fragmented and complex market...

By: GitHub - Facebook
External Website
Osquery Project on GitHub

View issues, pull requests and history of the open source project.

By: QueryCon, Teddy Reed
Video
The Scary Parts of Osquery

Teddy Reed reveals the fragile components of osquery and offers suggestions for how to improve them.

By: Netflix Technology Blog
Blog
Netflix Cloud Security SIRT releases Diffy: A Differencing Engine for Digital Forensics in the Cloud

Diffy is a triage tool to help DFIR teams quickly identify compromised hosts on Cloud Workloads.

By: Trail of Bits
Blog
Collect NTFS forensic information with osquery

Learn about an extension for osquery that will let you dig deeper into the NTFS filesystem.

By: Uptycs
Blog
3 Reasons Incident Responders Need Osquery

Osquery offers simple, yet profound ways to combine event and context data...

By: Chocolatey
Download
Chocolatey osquery package

Install the Chocolatey osquery package.

By: Uptycs
External Website
dockerhub - osquery docker image

dockerhub container download for osquery

By: GitHub - Facebook
Download
osx-attacks Query Pack

Download the current known OS X vulnerabilities pruned by the osquery community.

By: Uptycs
Video
osquery Basics: standalone osquery installation on macOS

Hands on guide to installing osquery on macOS.

By: Uptycs
Blog
Windows Registry & Osquery: The Easy Way to Ensure Users are Secured

Learn how to gather information from the Windows registry using osquery.

By: Slack
Chat Group
Osquery on Slack

A dedicated Slack channel for users and developers to collaborate on osquery.

By: Osquery.io
Download
Osquery Install Package Library

Download packages designed and signed by the Facebook team.

By: Chris Long
Blog
Osquery for Security | Part 1

How to create an osquery config, centralize the log output, and start creating effective searches and alerts.

By: Uptycs
Blog
Securing Containers: Using osquery to Solve New Challenges Posed by Hosted Orchestration Services

Explore the benefits of running osquery as a DaemonSet container.

By: HowtoForge
Blog
How to setup File Integrity Monitoring (FIM) using osquery on Linux

Learn how to setup FIM using osquery on Ubuntu 18.04 and CentOS 7.

By: ITNext, Corentin Badot-Bertrand
External Website
Auditing Containers with osquery

When running containers in production with Docker, bad configurations can easily lead to vulnerable environments...

By: Chris Long
Blog
Osquery for Security | Part 2

Advanced osquery functionality. File integrity monitoring, process auditing, and more.

By: Uptycs
Blog
How Osquery Helps Secure Your Cloud with These Two Critical CIS Benchmark Controls

Protecting your organization and data against cyber attack vectors in the cloud requires new tools.

By: Craig Huber
Blog
macOS Security with Osquery and AWS Kinesis Firehose

Learn how to monitor macOS with osquery and AWS Kinesis Firehose.

By: Dropbox Tech Blog
Blog
macOS monitoring the open source way

Dropbox provides a view into how they monitor macOS in their environment.

By: Palantir
External Website
Auditing with osquery: Part One - Introduction to the Linux Audit Framework

This post lays the foundation [for auditing] by expanding on the basic concepts of the Linux Audit Framework.

By: Palantir
External Website
Auditing with osquery: Part Two - Configuration and Implementation

In addition to configuring auditing, strategies for reducing the performance impact and logging volume are shared.

By: HoldMyBeer
Blog
Logging osquery with Rsyslog V8 - Love at First Sight

How to ingest osquery logs with Rsyslog V8 via the system journal (vs from disk).

By: QueryCon, Milan Shah
External Website
QueryCon 2018 - Osquery and Docker Containers

A technical look at how and why to run osquery as a DaemonSet container.

By: Seshu Pasam
External Website
Docker and Osquery

An overview of using osquery with docker from one of the original project contributors.

By: SQLite
External Website
SQLite Core Functions

Orient yourself to core functions available in SQLite, used by osqueryi.

By: Uptycs
Video
SQL Basics for Osquery

Hands on demonstration of basic SQL for osquery.

By: Alien Vault, Javier Ruiz
Blog
Malware Analysis using Osquery Part 1

An analysis of different malware families, the types of events generated on the endpoint and how Osquery can detect them.

By: Alien Vault, Javier Ruiz
Blog
Malware Analysis using Osquery Part 2

Using Osquery to explore the registry and startup_items tables to see another common technique that malware uses.

By: Carbon Black, Stacia Tympanick
Blog
ATT&CK +osquery = Love

A look at combining the MITRE ATT&CK framework with osquery for Windows.

By: Uptycs
Blog
Hunting for Evil Launch Daemons - Identifying Suspicious Behavior with Osquery

Follow this guide for identifying bad launch daemons on macOS using osquery.

By: Rapid7
Blog
Introduction to Osquery for Threat Detection and DFIR

Review example SQL queries for Threat Detection and DFIR using osquery.

By: Uptycs
Blog
Osquery in Action: Where and When to Apply "Threat Intel"

Defining Threat Intel, its various sources and how to apply it at scale.

By: DarkBytes, Dennis Griffin
Blog
Osquery Windows Process Event Auditing

How to enable process auditing for Windows.

By: SANS & Uptycs
Webinar
Osquery: A Modern Approach to CSIRT Analytics

Join SANS Analyst Dave Shackleford and Uptycs CTO Milan Shah as they explore the new ways CSIRT teams are using osquery to provide a comprehensive, high-fidelity data set for incident investigation and more.
