Featured
Vulnerability Management at Scale with Osquery
Zach Wasserman, Co-Founder & CTO of Fleet
Zach Wasserman shows how osquery data can enable vulnerability detection when combined with public data from NIST’s NVD and OVAL repositories.
In this session, Zach Wasserman, Co-Founder & CTO of Fleet, talks about how osquery data can enable vulnerability detection when combined with public data from NIST’s NVD and OVAL repositories. Zach demonstrates the deep potential for osquery when applied to vulnerability management at scale. He outlines two key approaches to the problem of vulnerability management: inventory and investigation. Consolidating agents has long been a promise of osquery. Learn how osquery becomes a more fully-featured replacement for the traditional vulnerability scanner.
Check out the other sessions from Osquery@scale, an annual event hosted by Uptycs for the osquery community. This event was held in San Francisco at the Exploratorium in September, 2022. Join us at future events to learn how security leaders and practitioners from Financial Services, Telco, SaaS, Hi-Tech, and other industries use osquery to manage security risks at scale.
All episodes
-
Visibility is Key: Comcast Talk on Vulnerabilities like Log4Shell
Andrew Mease, Comcast Security Engineer
Watch the video to see Andrew Mease, Senior Principal Security Engineer at Comcast discuss their response to big vulnerabilities like Log4Shell and Spring4Shell.
In this session Andrew Mease, Senior Principal Security Engineer at Comcast, talks about how osquery has helped the Comcast security team solve some key issues in recent months by enhancing visibility. Learn how Comcast responded to big vulnerabilities like Log4Shell and Spring4Shell. You know that visibility is key; now see if osquery can help you improve, no matter what your current posture might be.
-
Build Fast and Die Young: A strategy for pushing attackers to get loud
Ben Pruce, Engineering Manager at HashiCorp
In this session Ben Pruce, Engineering Manager from HashiCorp, describes how the open-source osquery project helped his security team gain visibility across the business’ diverse infrastructure and simplify some of their threat detection. Using osquery and other open-source software, HashiCorp was able to standardize images across teams, minimize instance lifespans, and set up centralized log collection. The combination of these strategies made it easier to spot anomalous activity and more difficult for attackers to hide their behavior.
-
Netflix and Not-So-Chill: Monitoring Millions of Workloads
Nabil Schear, Staff Security Engineer at Netflix
In this session Nabil Schear, Staff Security Engineer at Netflix, talks about how Netflix uses osquery. Netflix operates one of the largest AWS deployments in the world to power their streaming service, studio, and other business operations. This complex deployment spans thousands of microservice and data processing applications running on a mix of EC2 instances and containers running on the Titus platform. Since 2019, Netflix has used osquery to understand their large environment, respond to security incidents, and unlock cost savings. Nabil explains how Netflix deployed osquery while minimizing the burden of operating it on a large scale. He wraps up with some examples of the breadth of different challenges that they have been able to solve using osquery and how they are thinking about it in the future.
-
The Scientific Method to Picking Apart a Detection
Raja Jasper, SOC Manager at a financial institution and Saurabh Wadhwa, a Senior Solutions Engineer at Uptycs
In this session Raja Jasper, SOC Manager at a financial institution and Saurabh Wadhwa, a Senior Solutions Engineer at Uptycs, discuss how to use osquery and MITRE ATT&CK to build sophisticated detections based on behavior, rather than IOCs. Detections based on behaviors tell a story and provide analysts a lot more context, plus they are more troublesome for attackers to avoid. Osquery gathers the endpoint telemetry needed to build these types of detections. Raja and Saurabh demonstrate how to use osquery to build a behavior-based detection using Emotet malware as an example.
-
How to use eBPF telemetry for Linux security detections
Christopher Stanley, from an aerospace company, and Ryan Mack, VP of Engineering at Uptycs
Security monitoring for containers is tricky. Organizations need to balance the need to detect malicious behavior at the container runtime with the need for efficiency and operational reliability. Enter eBPF. This talk will cover how to use eBPF to extract kernel-level telemetry for security monitoring purposes, along with real-world applications and best practices.
-
Using Endpoint Telemetry to Quantify Your Security Operations Risk
Steve Shedlock, Incident Response Lead at SEI
Threat actors quantify the time and expense required to attack your organization. Security Operations teams ought to be able to do the same through threat modeling and appropriate controls. Thanks to osquery-powered visibility, SEI was able to quantify the value of its security operations. The SEI team uses osquery at scale to assess what threats they have faced in the past, are facing, and are likely to face in the future. Osquery also plays an important role in helping the SEI team to develop controls for those threats.
-
Using Osquery Extension to Detect Java Vulnerabilities at Scale
Uma Reddy, Chief Product Officer and Anadi Sharma, Principal Software Engineer, Uptycs
In this session Uma Reddy, Chief Product Officer and Anadi Sharma, Principal Software Engineer, from Uptycs, explain how Uptycs extended osquery functionality by adding Java software information for finding vulnerabilities in their fleet. They demonstrate how Uptycs responded to some recent vulnerabilities in libraries like Log4j and the Spring Framework using these osquery extensions to sleuth out the vulnerabilities in their own environment and share the extended functionality with the community.
-
Ew, don’t touch me with that laptop! Implementing zero-trust controls
Uma Unni, Software Engineer at Stripe
In this session, Uma Unni will explain how Stripe uses osquery to validate the secure configurations on developers' machines in real time before granting them access to sensitive resources.
Your application developers work with your company's most valuable intellectual property and have access to your most sensitive systems. What's the expectation of how their laptops are configured, and how can you ensure that your developers' machines are securely configured before they access critical resources? In this session, Uma Unni will explain how Stripe uses osquery to validate the secure configurations on developers' machines in real time before granting them access to sensitive resources.