Osquery architecture
5/10/2023

Facebook says its security team has been using osquery to, among other things, collect data on browser extensions running on its corporate network. The framework was released as open source in October 2014, but until now it had only been available for OS X and Linux. Basically, osquery exposes the operating system as a relational database where processes, network connections, loaded kernel modules, hardware events and browser plugins are represented in SQL tables that can be easily queried. Osquery is an instrumentation framework designed to allow users to easily and efficiently explore their operating system via SQL-based queries. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military. Facebook announced on Tuesday the availability of an osquery version that can be used by security teams to quickly identify and analyze threats on their Windows networks. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler Robinson – Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. Paul is offensive, having spent several years as a penetration tester.
Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul Asadoorian – Founder at Security Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Lee has worked with securing information systems since he installed his first firewall in 1989. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. Lee Neely – Senior Cyber Analyst at Lawrence Livermore National Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 25 years of experience. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse. Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry Pesce – Principal Managing Consultant and Director of Research & Development at core specialties include hardware and wireless hacking, architectural review, and traditional pentesting. Josh Marpet – Executive Director at Director, RM-ISAO Seven years on, he is excited to continue learning and growing with the osquery community. He has served as a member of osquery’s Technical Steering Committee since its inception in 2019.
He brings the vision and experience of working with osquery since the earliest design documents at Facebook in 2014. Zach Wasserman – CTO at Fleet Device is cofounder and CTO of Fleet, where he works to unlock the full potential of osquery for enterprise and open-source customers. This open-source strategy eases deployment, reduces cost, improves trust, and provides flexibility to meaningfully improve security on the endpoint. Full Episode Show Notes Open Source Endpoint Security with Osquery & Fleet Guests We will dig into how osquery and Fleet can enable observation, collection, and investigation on endpoints. The world’s top tech organizations are pursuing an open-source endpoint security strategy using osquery.