Flexible Endpoint Security with Osquery

Tech Evangelist, Fleet Device Management

Learn how modern defenders use osquery to address posture, visibility, detection, and response across the major computing platforms: Windows, Linux, and macOS. A brief overview of osquery's origins and motivations, along with deployment strategy, will set the stage for deeper exploration.

Participants will learn how to leverage osquery for proactive security posture assessment, crafting SQL queries to audit and enforce essential security configurations across endpoints. The session also demonstrates how to enhance visibility into systems by effectively querying system logs, running processes, and active network connections.

Demonstrations will show how this power can be used to better contextualize vulnerabilities, threats, and incident response. The result? An incredible supplement to existing EDR tools, or the foundation for an open, customizable security stack.

The session concludes by addressing the integration of osquery into comprehensive security programs. Participants will explore strategies involving log management, Security Orchestration, Automation, and Response (SOAR), performance considerations, and detection engineering workflows.

Ultimately, attendees will leave equipped with actionable insights, practical SQL expertise, and the knowledge required to effectively incorporate osquery into their organization's security infrastructure.
