How To Use MITRE ATT&CK For Endpoint Security
MITRE ATT&CK is a trusted tool in the arsenal of many security teams. When it comes to endpoint security, analysts need to stay proactive to ensure their organization remains resolute in the face of growing threats ...
Security Analytics and Big Data: 4 Keys To An Effective Approach
Proper security analytics require big data—a fact that companies are increasingly starting to recognize. Nearly 30% of organizations claim they are collecting, processing, and analyzing significantly more security data than they did two years ago, and 42% acknowledge the future importance of leveraging big data for security purposes. But at ...
Linux Security Simplified: How To Make Linux More Secure (With Less Work)
Linux is a versatile operating system. Its use cases vary greatly, from hosting hundreds of containers across a complex network, to running a single desktop, to the operating systems of TVs, Android phones and most Internet of Things (IoT) devices ...
Cloud Security: Knowing the Basics
Cloud computing is a $136 billion industry, and it continues to grow. As consumers become more technology-savvy, individual use of cloud services enters the realm of convention. Cloud migration is picking up speed because it introduces cost-effective and flexible services into a previously expensive technological sphere. However, cloud computing also ...
Building a Zero Trust Network (and where osquery fits) – GitLab’s Real Life Roadmap Recap
Kathy Wang, GitLab’s Sr. Director of Security, and Philippe Lafoucrière, a distinguished GitLab Engineer, recently presented “Towards Zero Trust at GitLab.com” at Google’s Cloud Next ’19 event ...
The First Curated Osquery Resource Hub
Progress in open source projects thrives on the sharing of information. Yet even with the best of intentions, much of the learning can still be considered tribal knowledge, traded between small groups of closely connected individuals. While the osquery project certainly isn’t immune to this, the community has absolutely benefited ...
Cloud Compliance for Financial Companies Requires a Merger of Three Disciplines
With weightier compliance penalties, ever-deepening cybercrime, and rapid adoption rates of public or hybrid cloud, financial services companies must pay closer attention to cloud compliance and stop treating it in a vacuum ...
Secret Agent Mess
While endpoint agents have always tried to be the eyes and ears for security, an overabundance of them may be degrading security rather than improving it. A 2017 survey from Barkly and Ponemon Institute finds that companies have as many as seven different agents running on each endpoint, while at ...
Intro to Osquery: Frequently Asked Questions for Beginners
There is a growing and passionate community around osquery, actively sharing information and perspective, answering questions, exposing challenges and dispelling misconceptions. Even so, learning the basics as you're getting started requires a lot of piecing together bits of wisdom (i.e., Googling + Reading + Networking). The intention of this post ...