Manage your fleet’s firewalls with osquery
We’re releasing an extension for osquery that lets you manage the local firewalls of your fleet. Each of the three major operating systems provides a native firewall, capable of blocking incoming and outgoing access when configured. However, the interface for each of these three firewall systems are dissimilar and each ... Read More
Manage Santa within osquery
We’re releasing an extension for osquery that lets you manage Google Santa without the need for a separate sync server. Google Santa is an application whitelist and blacklist system for macOS ideal for deployment across managed fleets. It uses a sync server from which daemons pull rules onto managed computers ... Read More
Collect NTFS forensic information with osquery
We’re releasing an extension for osquery that will let you dig deeper into the NTFS filesystem. It’s one more tool for incident response and data collection. But it’s also an opportunity to dispense with forensics toolkits and commercial services that offer similar capabilities. Until now, osquery has been inadequate for ... Read More
How to prepare for a security audit
You’ve just approved an audit of your codebase. Do you: Send a copy of the repository and wait for the auditors’ reports, or Take the extra effort to set the auditors up for success? By the end of the audit, the difference between these answers will lead to profoundly disparate ... Read More
