Flexible Endpoint Security with Osquery

Tech Evangelist, Fleet Device Management

Learn how modern defenders use osquery to address posture, visibility, detection, and response across the major computing platforms: Windows, Linux, and macOS. A brief overview of osquery's origins and motivations, along with deployment strategy, will set the stage for deeper exploration.

Participants will learn how to leverage osquery for proactive security posture assessment, crafting SQL queries to audit and enforce essential security configurations across endpoints. The session will also show how to enhance visibility into systems by querying system logs, running processes, and active network connections effectively.

Demonstrations will show how this capability can be used to better contextualize vulnerabilities, threats, and incident response. The result? A powerful supplement to existing EDR tools, or the foundation for an open, customizable security stack.

The session concludes by addressing the integration of osquery into comprehensive security programs. Participants will explore strategies involving log management, Security Orchestration, Automation, and Response (SOAR), performance considerations, and detection engineering workflows.

Ultimately, attendees will leave equipped with actionable insights, practical SQL expertise, and the knowledge required to effectively incorporate osquery into their organization's security infrastructure.