osquery
Celebrating our 2023 open-source contributions
At Trail of Bits, we pride ourselves on making our best tools open source, such as Slither, PolyTracker, and RPC Investigator. But while this post is about open source, it’s not about ...
Improving Cybersecurity Response With Open Source Endpoint Visibility
Here's how osquery can empower security teams, enabling them to respond effectively and efficiently to the constant stream of cyberattacks ...
Achieving Operational Excellence in a Cybersecurity Program
As cybersecurity threats continue to grow in complexity and frequency, achieving operational excellence in threat detection and response is more important than ever. However, SOCs (Security Operations Centers) often face a variety ...
Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response
File Integrity Monitoring (FIM) is a security control that helps organizations ensure the integrity of their files and systems by monitoring changes to files and directories. FIM is an important security control ...
Compliance Does Not Equal Cybersecurity
HIPAA, GDPR, PCI, CIS, NIST. Does any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. For those that don't, ...
Data Philosophy and Technology Combine for Better Endpoint Security
Russell Ackoff was one of the first to define a hierarchy from data to wisdom (1). In Ackoff’s words: "Data are symbols that represent the properties of objects and events. Information ...
Hunting Emotet Made Easy with EclecticIQ Endpoint Response
Earlier this year, EclecticIQ Analysts published this article detailing the inner workings of a newly observed Emotet variant. In November, another industry source published a report talking about the resurgence of ...
Using Log Parsing to Stop Microsoft IIS Backdoor Attacks
Chances are you’ve heard of Microsoft’s Internet Information Services (more commonly known as IIS), as it’s one of the most popular web servers in the world, boasting a user base of over ...
We do Windows now
At Trail of Bits, we pride ourselves on building tools that everyone can use to help improve the security ecosystem. Given how ingrained Microsoft is with a large portion of our work ...
Is a 10-Year-Old Facebook Technology the Future of Cloud Security?
In the pantheon of semi-obscure open source tools, osquery is one that deserves a closer look from most security professionals. It’s easy to see why this old Facebook tool that was originally ...