Osquery configurations often start simple and static, but as the complexity of an osquery deployment grows, the level of dynamism grows to where a complex server installation is required to group sets of hosts together and target them for …
Osquery is a lightweight host intrusion detection tool that organizations can use to monitor extremely large production environments as well as smaller corporate environments. In this talk, we will discuss how to get started with osquery and how the …
Released in 2014 by Facebook, osquery is an open source operating system instrumentation framework and toolset. In this talk, I will reflect on some of the original motivations for creating osquery and discuss the concepts of openness in the …
A critical aspect of maintaining a robust infrastructure security posture is being able to ask low-level questions of hosts in your environment. Even on a single host, performing operating system analytics can often be complex, error-prone and …