osquery
Osquery In-House vs Building: What It Takes at Scale
Key Takeaways Running osquery in-house requires significant infrastructure, engineering effort, and ongoing maintenance At scale, correlation, performance, and data management become the biggest challenges Uptycs extends osquery with unified telemetry, built-in protection, ...
Not All Sensors Are Built the Same | Uptycs Blog
Why Uptycs’ Unified Sensor Delivers More Power, Less Overhead In cloud-native security, visibility is everything. What your sensor can see—and how efficiently it captures, correlates, and acts on that data—determines how effectively ...
Celebrating our 2023 open-source contributions
At Trail of Bits, we pride ourselves on making our best tools open source, such as Slither, PolyTracker, and RPC Investigator. But while this post is about open source, it’s not about ...
Improving Cybersecurity Response With Open Source Endpoint Visibility
Here's how osquery can empower security teams, enabling them to respond effectively and efficiently to the constant stream of cyberattacks ...
Achieving Operational Excellence in a Cybersecurity Program
As cybersecurity threats continue to grow in complexity and frequency, achieving operational excellence in threat detection and response is more important than ever. However, SOCs (Security Operation Centers) often face a variety ...
Enabling File Integrity Monitoring on Windows with Osquery and EclecticIQ Endpoint Response
File Integrity Monitoring (FIM) is a security control that helps organizations ensure the integrity of their files and systems by monitoring changes to files and directories. FIM is an important security control ...
Compliance Does Not Equal Cybersecurity
HIPAA, GDPR, PCI, CIS, NIST. Does any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. For those that don't, ...
Data Philosophy and Technology Combine for Better Endpoint Security
Russell Ackoff was one of the first to define a hierarchy from data to wisdom (1). In Ackoff’s words: "Data are symbols that represent the properties of objects and events. Information ...
Hunting Emotet Made Easy with EclecticIQ Endpoint Response
Earlier this year, EclecticIQ Analysts published this article detailing the inner workings of a newly observed Emotet variant. In November, another industry source published a report talking about the resurgence of ...
Using Log Parsing to Stop Microsoft IIS Backdoor Attacks
Chances are you’ve heard of Microsoft’s Internet Information Services (more commonly known as IIS), as it’s one of the most popular web servers in the world, boasting a user base of over ...