Celebrating our 2023 open-source contributions

At Trail of Bits, we pride ourselves on making our best tools open source, such as Slither, PolyTracker, and RPC Investigator. But while this post is about open source, it’s not about ...
AEP browser endpoint multi-vector EDR

Improving Cybersecurity Response With Open Source Endpoint Visibility

Here's how osquery can empower security teams, enabling them to respond effectively and efficiently to the constant stream of cyberattacks ...
Security Boulevard
Achieving Operational Excellence in a Cybersecurity Program

Achieving Operational Excellence in a Cybersecurity Program

As cybersecurity threats continue to grow in complexity and frequency, achieving operational excellence in threat detection and response is more important than ever. However, SOCs (Security Operation Centers) often face a variety ...
Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response

Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response

File Integrity Monitoring (FIM) is a security control that helps organizations ensure the integrity of their files and systems by monitoring changes to files and directories. FIM is an important security control ...
Compliance Does Not Equal Cybersecurity

Compliance Does Not Equal Cybersecurity

HIPAA, GDPR, PCI, CIS, NIST.  Does any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. For those that don't, ...
Data Philosophy and Technology Combine for Better Endpoint Security

Data Philosophy and Technology Combine for Better Endpoint Security

  Russel Ackoff was the one of first to define a hierarchy from data to wisdom (1). In Ackoff’s words: "Data are symbols that represent the properties of objects and events. Information ...
Hunting Emotet Made Easy with EclecticIQ Endpoint Response

Hunting Emotet Made Easy with EclecticIQ Endpoint Response

  Earlier this year, EclecticIQ Analysts published this article detailing the inner workings of a newly observed Emotet variant. In November, another industry source published a report talking about the resurgence of ...
Using Log Parsing to Stop Microsoft IIS Backdoor Attacks

Using Log Parsing to Stop Microsoft IIS Backdoor Attacks

Chances are you’ve heard of Microsoft’s Internet Information Services, (more commonly known as IIS) as it’s one of the most popular web servers in the world, boasting a user base of over ...

We do Windows now

At Trail of Bits, we pride ourselves on building tools that everyone can use to help improve the security ecosystem. Given how ingrained Microsoft is with a large portion of our work ...
CNAPP, cloud-native, security, consolidation, sonsolidate, security, osquery tools Normalyze cloud security data classification

Is a 10-Year-Old Facebook Technology the Future of Cloud Security?

In the pantheon of semi-obscure open source tools, osquery is one that deserves a closer look from most security professionals. It’s easy to see why this old Facebook tool that was originally ...
Security Boulevard