osquery@scale
expert insight from the largest osquery deployments
Dogpatch WineWorks, San Francisco
Jan 22-23, 2020
Agenda
Two Days of Power-User Insight
Jan 22-23, 2020
Dogpatch WineWorks
This two day event is focused on surfacing osquery security use cases - the good, bad, and ugly - told from the mouths of those who've lived and breathed at scale deployments in their production environments. Join security leaders and practitioners from Financial Services, Telco, SaaS, Hi-Tech, and a variety of other industries as they share first hand learning from osquery deployments solving for incident investigation & threat visibility, compliance, asset inventory, cloud vs. on-prem, and much more. Osquery@scale will feature a single track schedule to allow attendees to join every session. Sessions will be 30 minutes long with time for Q&A. Breakfast, lunch and free flowing coffee will be provided for all attendees, and we'll have a guided wine tasting Tuesday night.
Wednesday, Jan 22nd
8:30am - 9:30am Networking Breakfast & Sign-In
9:30-5pm Speaker sessions
5-6pm On-site Wine Tasting
Thursday, Jan 23rd
8:30-9am Networking Breakfast & Sign-In
9-4pm Speaker sessions
We'll be adding specific details to our agenda as available, so check back often.
More To Come!
About osquery@scale
What is osquery@scale?
osquery@scale is a knowledge-sharing environment meant to help security practitioners and leaders fully immerse themselves in the highs and lows of real-life osquery deployments. Through the sharing of end-user experiences, attendees will better understand the variety of security use cases, limitations and benefits across operating systems and environments, skills and abilities required for use, and other considerations to be made when building strategic at scale deployment plans. Our goal is to connect osquery users with like-minded osquery-curious peers. This conference is being hosted by Uptycs to support the sharing of experience with at scale osquery deployments. All are welcome to attend and participate. This inaugural event will take place at Dogpatch WineWorks, a large industrial warehouse with an on-site winery located in the up & coming Dogpatch neighborhood. DPWW is accessible from Muni, CalTrain, Uber and is a walkable distance from Oracle Park.
Please note, our call for presentations has closed as of December 31, 2019.
100+
Security Peers
2
14+
Days
Sessions
Speakers
The osquery@scale speakers represent a diverse set of industries, experiences and osquery use cases. We'll be adding to this great lineup over the next couple of weeks.
Telenor
As one of the world's largest Telco's, Telenor is a top attack target. Hear how they're using osquery for advanced threat hunting and investigation.
IBM
Come hear about the unique combination of IBM's complex environment, millions of global distributed devices, and open source DNA that make it ripe for osquery use cases. Deputy CISO, Ram Chennamsetty, will share ways IBM is interested in addressing threat hunting, agent consolidation, configuration & asset management, and more.
Stripe
We'll be joined by three members of Stripe's security team. They'll share their experience using the osquery API to collect and codify data, how they've integrated that data into other systems and workflows as well as how they're performing Automated in Memory Forensics.
Akamai
Our day 1 keynote speaker, Akamai's CISO, Andy Ellis, will share what it takes to conduct "Incident Response at Planetary Scale."
GitLab
This cloud native organization uses osquery as part of their Zero Trust Network strategy, helping to maintain visibility into their Mac and Linux assets.
Comcast
Join members of Comcast's Endpoint Security and Cyber Security teams to hear how the telecommunications conglomerate is putting using osquery to use.
Mulesoft (a Salesforce company)
MuleSoft provides the most widely used integration platform (Mule ESB & CloudHub) for connecting SaaS & enterprise applications in the cloud and on-premise.
Chris Byron, Mulesoft's Security Director will be speaking about "Cloud governance and compliance with osquery"
Chris Byron, Mulesoft's Security Director will be speaking about "Cloud governance and compliance with osquery"
Airbnb
Airbnb is an online marketplace where you can book unique places to stay and find things to do.
Join Sam Keeley, Airbnb Security Engineer, as he shares how they're using osquery to help with visibility and IT administration.
Join Sam Keeley, Airbnb Security Engineer, as he shares how they're using osquery to help with visibility and IT administration.
Dactive, LLC
Dactiv, LLC is a consulting company specializing in osquery and Kolide Fleet. We also bring expert experience with Go (Golang) and containers.
Zach Wasserman, Founder & Principal Engineer, will present a session on "The osquery Agent: Performance Tuning @Scale"
Zach Wasserman, Founder & Principal Engineer, will present a session on "The osquery Agent: Performance Tuning @Scale"
Henrik Strøm
Head of Telenor CERT
Henrik Strøm has over 25 years of experience in the cyber security field. In the early 90s, when anti-virus was a bleeding edge technology, he spent his time at the Norwegian University of Science and Technology (NTNU) developing his own award winning anti-virus software. He then worked for Telia and Norsk Hydro, and finally Telenor where he was involved in the emergence of Internet and "Cyberspace" in Norway. Henrik has worked in various key security positions in Telenor for over a decade, and is now heading the Telenor CERT. His team at Telenor CERT is currently working on establishing global CERT and SOC operations for Telenor ASA, which own 9 telecommunications companies globally.
Henrik Strøm has over 25 years of experience in the cyber security field. In the early 90s, when anti-virus was a bleeding edge technology, he spent his time at the Norwegian University of Science and Technology (NTNU) developing his own award winning anti-virus software. He then worked for Telia and Norsk Hydro, and finally Telenor where he was involved in the emergence of Internet and "Cyberspace" in Norway. Henrik has worked in various key security positions in Telenor for over a decade, and is now heading the Telenor CERT. His team at Telenor CERT is currently working on establishing global CERT and SOC operations for Telenor ASA, which own 9 telecommunications companies globally.
Mona Elisabeth Østvang
Incident Response Manager, Telenor CERT
Mona Elisabeth Østvang manages the incident response section in Telenor CERT. Before joining Telenor CERT this year, she was a consultant in mnemonic, the largest cyber security consultant company in Norway. For the past ten years, she has led investigations and handled a number of major events, including advanced and targeted attacks against Norwegian and foreign targets. She holds a master of technology from the Norwegian University of Science and Technology (NTNU) from 2004.
Mona Elisabeth Østvang manages the incident response section in Telenor CERT. Before joining Telenor CERT this year, she was a consultant in mnemonic, the largest cyber security consultant company in Norway. For the past ten years, she has led investigations and handled a number of major events, including advanced and targeted attacks against Norwegian and foreign targets. She holds a master of technology from the Norwegian University of Science and Technology (NTNU) from 2004.
Andy Ellis
CSO, Akamai
Andy designed and brought to market Akamai’s TLS acceleration network, its DDoS defense offerings, and several of the core technologies behind its security solutions. He’s responsible for governing cybersecurity, compliance, and safety.
Andy is our day one keynote, speaking on the topic of "Incident Response at Planetary Scale"
Andy designed and brought to market Akamai’s TLS acceleration network, its DDoS defense offerings, and several of the core technologies behind its security solutions. He’s responsible for governing cybersecurity, compliance, and safety.
Andy is our day one keynote, speaking on the topic of "Incident Response at Planetary Scale"
Paul Harrison
Security Manager, Security Operations, GitLab
Paul has extensive experience in project management, network operations, and compliance. Prior to GitLab, Paul was the Security Architect for Winnipeg-based Bold Commerce, focused on GDPR compliance and maturing security practices. After numerous internal talks this is Paul's first public speaking engagement!
Paul has extensive experience in project management, network operations, and compliance. Prior to GitLab, Paul was the Security Architect for Winnipeg-based Bold Commerce, focused on GDPR compliance and maturing security practices. After numerous internal talks this is Paul's first public speaking engagement!
Kathy Wang
Former GitLab Head of Security
Kathy Wang is a recognized thought-leader in information security with a strong background in project management, research, and business development. She is the former Head of Security at GitLab, and is also an internationally-recognized malware expert, who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT), as they target common platforms (e.g., browser, email, mobile phones). She has spoken internationally at many conferences and on many panels, including RSA, DEFCON, AusCERT, and REcon. Kathy has co-authored a book, Beautiful Security, and holds a BS and MS in Electrical Engineering from The University of Michigan, Ann Arbor.
Kathy Wang is a recognized thought-leader in information security with a strong background in project management, research, and business development. She is the former Head of Security at GitLab, and is also an internationally-recognized malware expert, who has researched, developed, evaluated, and operationalized various solutions for detecting and preventing client-side attacks used by advanced persistent threats (APT), as they target common platforms (e.g., browser, email, mobile phones). She has spoken internationally at many conferences and on many panels, including RSA, DEFCON, AusCERT, and REcon. Kathy has co-authored a book, Beautiful Security, and holds a BS and MS in Electrical Engineering from The University of Michigan, Ann Arbor.
Ram Chennamsetty
Deputy CISO, IBM
Ram Chennamsetty is an accomplished information security professional with around
21 years of experience. As the Deputy CISO of IBM, Ram is responsible for leading the
cybersecurity strategy and execution across IBM.
Prior to this role, Ram was a chief strategist and architect for IT Risk in the Office of the
IBM CISO, where he led the multi-year technical strategy and architecture. He worked
in IBM throughout his professional career with a background of research, development
and customer engagements.
Ram is an expert and a thought leader on cyber security, risk management, threat
management, security policy development, security automation, application security,
data protection and access management. Ram holds a masters degree.
In his session at the inaugural osquery@scale conference, Ram will detail the unique combination of IBM's complex environment, millions of global distributed devices, and open source DNA that make it ripe for osquery use cases. He’ll share ways IBM is interested in solving for threat hunting, agent consolidation, configuration & asset management, and more.
Ram Chennamsetty is an accomplished information security professional with around
21 years of experience. As the Deputy CISO of IBM, Ram is responsible for leading the
cybersecurity strategy and execution across IBM.
Prior to this role, Ram was a chief strategist and architect for IT Risk in the Office of the
IBM CISO, where he led the multi-year technical strategy and architecture. He worked
in IBM throughout his professional career with a background of research, development
and customer engagements.
Ram is an expert and a thought leader on cyber security, risk management, threat
management, security policy development, security automation, application security,
data protection and access management. Ram holds a masters degree.
In his session at the inaugural osquery@scale conference, Ram will detail the unique combination of IBM's complex environment, millions of global distributed devices, and open source DNA that make it ripe for osquery use cases. He’ll share ways IBM is interested in solving for threat hunting, agent consolidation, configuration & asset management, and more.
Guillaume Ross
Principal Product Manager, Uptycs
With experience as a security architect, consultant and with managing security operations, he loves to find ways to help organizations prevent attacks and reduce the noise that security and IT teams are subjected to. He believes that while it is impossible to prevent every single attack, a combination of good prevention techniques and security hygiene is the best way to then be able to focus on detecting and responding to only the important stuff.
Guillaume will be speaking about how to map the MITRE ATT&CK framework to existing breach reports using osquery to see how ATT&CK and osquery can help improve detection capabilities.
With experience as a security architect, consultant and with managing security operations, he loves to find ways to help organizations prevent attacks and reduce the noise that security and IT teams are subjected to. He believes that while it is impossible to prevent every single attack, a combination of good prevention techniques and security hygiene is the best way to then be able to focus on detecting and responding to only the important stuff.
Guillaume will be speaking about how to map the MITRE ATT&CK framework to existing breach reports using osquery to see how ATT&CK and osquery can help improve detection capabilities.
Javier Marcos de Prado
Security/Systems Engineer at "Known Cryptocurrency Exchange"
Javier is an experienced Security Engineer and Systems Architect with extensive experience in both well established corporations and startups. In the last 10+ years he has applied the expertise acquired in the field of software and systems engineering, towards building offensive and defense capabilities for some of the top companies in the world. His passion for Linux and open source has been reflected by his contributions to large projects, such as osquery, and recently with the creation of osctrl, a scalable and modular TLS endpoint for osquery assets.
Javier is an experienced Security Engineer and Systems Architect with extensive experience in both well established corporations and startups. In the last 10+ years he has applied the expertise acquired in the field of software and systems engineering, towards building offensive and defense capabilities for some of the top companies in the world. His passion for Linux and open source has been reflected by his contributions to large projects, such as osquery, and recently with the creation of osctrl, a scalable and modular TLS endpoint for osquery assets.
Uma Reddy
Founder & VP of Engineering, Uptycs
Uma Reddy is Founder & VP of Engineering at Uptycs. He was previously VP of Engineering and GM of Sonus Networks India. At Sonus Networks he ran a team of 400 engineers involved in the development, testing and support of all Sonus products. Prior to Sonus Networks, Uma was Founder & Director of Engineering at Verivue, a leading provider of content delivery solutions to service providers (acquired by Akamai). Prior to Verivue, Uma served in the office of the CTO at Sonus Networks. Uma is the recipient of several U.S. patents. Uma received a BE degree in Mechanical Engineering and a MS in Industrial Engineering.
Uma Reddy is Founder & VP of Engineering at Uptycs. He was previously VP of Engineering and GM of Sonus Networks India. At Sonus Networks he ran a team of 400 engineers involved in the development, testing and support of all Sonus products. Prior to Sonus Networks, Uma was Founder & Director of Engineering at Verivue, a leading provider of content delivery solutions to service providers (acquired by Akamai). Prior to Verivue, Uma served in the office of the CTO at Sonus Networks. Uma is the recipient of several U.S. patents. Uma received a BE degree in Mechanical Engineering and a MS in Industrial Engineering.
Mitchell Grenier
Security Engineer at “Known cryptocurrency exchange”
As a former Security Engineer at Facebook, Mitchell (aka obelisk) worked first-hand on osquery improvements and extensibility as part of the core development team. Most recently, Mitchell has been working on goquery, a shell like interface that enables remote investigations at scale.
As a former Security Engineer at Facebook, Mitchell (aka obelisk) worked first-hand on osquery improvements and extensibility as part of the core development team. Most recently, Mitchell has been working on goquery, a shell like interface that enables remote investigations at scale.
Andrew Guthrie
Andrew has been working as a Full Stack developer in Vancouver for the past 4 years. For the last 2 years, he’s worked with talented scientists in the biotech industry in cancer therapeutics. His interest with osquery led him to work with Mitchell Grenier on osquery tooling projects, including goquery.
Matthew Kemelhar
Threat Operations Manager, Stripe
Matthew currently leads the Threat Operations team for Stripe. Before joining Stripe, Matthew was the Global Incident Response and Recovery leader for Microsoft and led countless commercial and public sector incident investigations. Over the last 20+ years, he’s been a security architect, conducted incident investigations for targeted attacks, recovered comprised environments, conducted risk analysis for the Department of Energy and red teaming for the National Security Agency. He excels at building scalable security teams with a focus on rigor through automation.
Matthew currently leads the Threat Operations team for Stripe. Before joining Stripe, Matthew was the Global Incident Response and Recovery leader for Microsoft and led countless commercial and public sector incident investigations. Over the last 20+ years, he’s been a security architect, conducted incident investigations for targeted attacks, recovered comprised environments, conducted risk analysis for the Department of Energy and red teaming for the National Security Agency. He excels at building scalable security teams with a focus on rigor through automation.
Russ Nolen
Security Engineer, Stripe
Russ Nolen is currently a security engineer with Stripe and has worked as a researcher at Carbon Black, Attack Research and inside the US government. Having spent over 15 years in this field, Russ has fulfilled diverse roles such as offensive operations, incident response, large scale attack simulations, intelligence R&D, exploit development, malware analysis, and much more. Utilizing this wide background of experiences, he currently works to deliver applicable results from a new concept of using offense in an enterprise.
Russ Nolen is currently a security engineer with Stripe and has worked as a researcher at Carbon Black, Attack Research and inside the US government. Having spent over 15 years in this field, Russ has fulfilled diverse roles such as offensive operations, incident response, large scale attack simulations, intelligence R&D, exploit development, malware analysis, and much more. Utilizing this wide background of experiences, he currently works to deliver applicable results from a new concept of using offense in an enterprise.
Seshu Pasam
Chief Software Architect, Uptycs
As the Chief Software Architect, Seshu is responsible for ensuring an efficient and highly scalable architecture for the Uptycs Security Analytics Platform. He has 20+ years of hands on engineering experience with a passion for startups and cloud security. He contributed the original Docker and AWS tables to the osquery project and looks forward to furthering osquery's container visibility.
Seshu will be co-presenting on the topic of "Deploying osquery@scale: Optimizing Telemetry Collection & Resource Utilization"
As the Chief Software Architect, Seshu is responsible for ensuring an efficient and highly scalable architecture for the Uptycs Security Analytics Platform. He has 20+ years of hands on engineering experience with a passion for startups and cloud security. He contributed the original Docker and AWS tables to the osquery project and looks forward to furthering osquery's container visibility.
Seshu will be co-presenting on the topic of "Deploying osquery@scale: Optimizing Telemetry Collection & Resource Utilization"
Carl Vincent
Security Engineer, Stripe
Carl is a Security Engineer on the Threat Operations team at Stripe. He has over 10 years of experience within the information security industry and is one of the featured individuals in the book recently released by Jennifer Jin and Marcus J. Carey entitled "Tribe of Hackers: Red Team." At osquery@scale, Carl will be talking about Automated in Memory Forensics and custom code that can be integrated as an osquery table to perform forensics.
Carl is a Security Engineer on the Threat Operations team at Stripe. He has over 10 years of experience within the information security industry and is one of the featured individuals in the book recently released by Jennifer Jin and Marcus J. Carey entitled "Tribe of Hackers: Red Team." At osquery@scale, Carl will be talking about Automated in Memory Forensics and custom code that can be integrated as an osquery table to perform forensics.
Erin Palmer
Director of Endpoint Security, Comcast
Erin is the Director of Endpoint Security for Comcast and is part of the Comcast Cyber Security team. She is responsible for Endpoint, Email Security, and Compliance solutions across the Comcast Enterprise. Over her 18 years at Comcast, Erin has focused on access control and enterprise security. She strives to build happy teams that can solve large problems together. Erin also runs the Philadelphia TechWomen chapter and is passionate about creating an inclusive work culture.
Session Title: Linux Efficacy @Scale
Session Description: The Compliance Team, Cyber Security teams, and System Engineers all have different requirements but do we need different agents? In this talk we will discuss how we decided to use osquery to solve diverse use cases. We’ll talk about how we discovered that a single agent could be used to provide visibility across the Linux footprint @ scale.
Erin is the Director of Endpoint Security for Comcast and is part of the Comcast Cyber Security team. She is responsible for Endpoint, Email Security, and Compliance solutions across the Comcast Enterprise. Over her 18 years at Comcast, Erin has focused on access control and enterprise security. She strives to build happy teams that can solve large problems together. Erin also runs the Philadelphia TechWomen chapter and is passionate about creating an inclusive work culture.
Session Title: Linux Efficacy @Scale
Session Description: The Compliance Team, Cyber Security teams, and System Engineers all have different requirements but do we need different agents? In this talk we will discuss how we decided to use osquery to solve diverse use cases. We’ll talk about how we discovered that a single agent could be used to provide visibility across the Linux footprint @ scale.
Abubakar "Ab" Yousafzai
Sr. Cyber Security Engineer, Comcast
Abubakar is a Senior Cyber Security Engineer with the Endpoint Security team at Comcast. He is responsible for security systems development at Comcast. He built the Enterprise email security platform that serves millions of email transactions per day and built a mobile application security development lifecycle for internal mobile applications. Currently, He works on hybrid cloud system deployments, performs dev ops role for Linux systems, and manages a high capacity home-grown big data logging solution. Abubakar enjoys mentoring engineers coming into the workforce and is always looking for a new challenge. Prior to working at Comcast, he worked as a consultant architect responsible for system hardening and design.
Session Title: Linux Efficacy @Scale
Session Description: The Compliance Team, Cyber Security teams, and System Engineers all have different requirements but do we need different agents? In this talk we will discuss how we decided to use osquery to solve diverse use cases. We’ll talk about how we discovered that a single agent could be used to provide visibility across the Linux footprint @ scale.
Abubakar is a Senior Cyber Security Engineer with the Endpoint Security team at Comcast. He is responsible for security systems development at Comcast. He built the Enterprise email security platform that serves millions of email transactions per day and built a mobile application security development lifecycle for internal mobile applications. Currently, He works on hybrid cloud system deployments, performs dev ops role for Linux systems, and manages a high capacity home-grown big data logging solution. Abubakar enjoys mentoring engineers coming into the workforce and is always looking for a new challenge. Prior to working at Comcast, he worked as a consultant architect responsible for system hardening and design.
Session Title: Linux Efficacy @Scale
Session Description: The Compliance Team, Cyber Security teams, and System Engineers all have different requirements but do we need different agents? In this talk we will discuss how we decided to use osquery to solve diverse use cases. We’ll talk about how we discovered that a single agent could be used to provide visibility across the Linux footprint @ scale.
Zach Wasserman
Founder & Principal Engineer, Dactive LLC
Zach has been involved with osquery since the earliest design documents in 2015. He has brought his extensive experience to the delivery of core features such as AWS logging and syslog consumption in osquery, as well as the development of Kolide Fleet, the most popular open-source osquery Fleet manager. These days he can be found cheerfully helping out users in the osquery community, shaping the future of the agent as a member of the osquery Technical Steering Committee, or developing features for Fleet. As the founder of Dactiv LLC, he consults with technical organizations to reap the benefits of Fleet and osquery.
Zach has been involved with osquery since the earliest design documents in 2015. He has brought his extensive experience to the delivery of core features such as AWS logging and syslog consumption in osquery, as well as the development of Kolide Fleet, the most popular open-source osquery Fleet manager. These days he can be found cheerfully helping out users in the osquery community, shaping the future of the agent as a member of the osquery Technical Steering Committee, or developing features for Fleet. As the founder of Dactiv LLC, he consults with technical organizations to reap the benefits of Fleet and osquery.
Julian Wayte
Julian Wayte is a Security Solutions Engineer for Uptycs. In this role, he helps organizations architect security solutions - based on endpoint telemetry and automated workflows – in order to solve a variety of security use cases. Julian loves working with and teaching osquery. He has worked for 20 years in various customer facing, technical, and IT roles helping organizations manage and secure their data.
Julian will be speaking about how to scan for malware more efficiently using osquery + YARA. You can learn more here: https://www.uptycs.com/blog/resource-smart-yara-scans-saving-cpu-and-time-with-osquery
Julian will be speaking about how to scan for malware more efficiently using osquery + YARA. You can learn more here: https://www.uptycs.com/blog/resource-smart-yara-scans-saving-cpu-and-time-with-osquery
Chris Byron
Security Director, MuleSoft (a Salesforce company)
Chris is a software engineer turned security operator, and is currently the head of security for the MuleSoft Anypoint Platform. Formerly of Box, Inc. and Envoy, Inc., Chris is focused on bridging the divide between engineering and information security teams. When he's not writing software, he's probably gaming, reading, or woodworking, and drinking a beer regardless.
Chris will be speaking about “Cloud governance and compliance with osquery.”
Chris is a software engineer turned security operator, and is currently the head of security for the MuleSoft Anypoint Platform. Formerly of Box, Inc. and Envoy, Inc., Chris is focused on bridging the divide between engineering and information security teams. When he's not writing software, he's probably gaming, reading, or woodworking, and drinking a beer regardless.
Chris will be speaking about “Cloud governance and compliance with osquery.”
{"items":["59b81cff-ce58-4f85-bd68-7cc9bf8e8fb8","cd1e8e0e-ed79-4115-8991-8edafc0bdcf8","3fbc1c78-44a1-4b55-bb8d-e71fd6cc0fbc","2e7e3687-4bdd-4e27-9935-73b43a15efe4","3a042799-b17e-44dd-a27d-390fcded4cd5","89a0c335-4d38-4953-842d-42dd55ac8e11","24af6d30-d772-4446-a0fc-9b939682afc4","6b5ce89f-017a-4e14-9e59-f5d4125754d3","0ecc95ab-3749-4562-b9bb-d0f1a061bacc","bf31fe1c-91b9-479f-8d36-e5a362f821cb","49f728fe-6ca0-427a-b2be-760a56ee466b","34041c7e-4432-48e1-bdf1-b9131fb8eb0c","3b72fe44-3c34-42df-94f5-db586c0b9030","9e0eac84-18bc-4cb6-b733-b4e890a07a72","1d3c2e03-43da-4434-8428-b6c8e1789424","fef5ebf3-9e20-4837-b292-7b14dd4830ac","eba2f1b8-26b9-4c53-82db-5fbcad7eafd3","58587e57-6704-4325-b289-ebad3f3837c9","46b4303c-47ae-46be-9738-997412113c8b","1febd10c-9fbb-4311-b438-e08273625dea","70a1f35d-c08c-4fe9-bd11-4c13eaf75392","d5afc0f4-1b83-4054-aee7-add8bd095e06","dc3449ba-361f-499c-8138-27404fa8e398","dee01629-8f7b-4d14-8ec4-f739cb51dca4","6896bfbf-dfc1-4703-84bb-ce0a7a231b60","e8518928-f8d5-4405-bae4-6c1e48b5cf1f","5d0fdc45-d074-4567-8eba-88e7682f9d83","ed7d8e2b-fde8-46bf-a21a-9e56ab41f6e3","1d9cdeb6-0609-41ee-9a37-80fd6fac39f1"],"styles":{"galleryType":"Columns","groupSize":1,"showArrows":false,"cubeImages":true,"cubeType":"fill","cubeRatio":0.75,"isVertical":true,"gallerySize":405,"collageAmount":0,"collageDensity":0,"groupTypes":"1","oneRow":false,"imageMargin":20,"galleryMargin":4,"floatingImages":0,"chooseBestGroup":true,"smartCrop":false,"hasThumbnails":false,"enableScroll":true,"isGrid":true,"isSlider":false,"isColumns":false,"isSlideshow":false,"cropOnlyFill":false,"fixedColumns":3,"enableInfiniteScroll":1,"isRTL":false,"minItemSize":50,"rotatingGroupTypes":"","rotatingCubeRatio":"","gallerySliderImageRatio":1.7777777777777777,"numberOfImagesPerRow":3,"numberOfImagesPerCol":1,"groupsPerStrip":0,"borderRadius":0,"boxShadow":0,"gridStyle":1,"mobilePanorama":false,"placeGroupsLtr":false,"viewMode":"preview","thumbnailSpacings":0,"galleryThumbnailsAlignment":"bottom","isMasonry":false,"isAutoSlideshow":false,"slideshowLoop":false,"autoSlideshowInterval":4,"useCustomButton":false,"bottomInfoHeight":0,"titlePlacement":"SHOW_ON_HOVER","galleryHorizontalAlign":"flex-start","galleryTextAlign":"left","galleryVerticalAlign":"center","scrollSnap":false,"itemClick":"expand","fullscreen":true,"allowSocial":false,"allowDownload":false,"allowTitle":true,"allowDescription":true,"loveButton":false,"loveCounter":true,"videoPlay":"hover","scrollAnimation":"NO_EFFECT","scrollDirection":0,"overlayAnimation":"NO_EFFECT","arrowsPosition":0,"arrowsSize":23,"watermarkOpacity":40,"watermarkSize":40,"useWatermark":true,"watermarkDock":{"top":"auto","left":"auto","right":0,"bottom":0,"transform":"translate3d(0,0,0)"},"loadMoreAmount":"all","defaultShowInfoExpand":1,"allowTitleExpand":true,"allowDescriptionExpand":true,"allowLinkExpand":true,"expandInfoPosition":0,"allowFullscreenExpand":true,"fullscreenLoop":false,"galleryAlignExpand":"left","addToCartBorderWidth":1,"addToCartButtonText":"","slideshowInfoSize":200,"playButtonForAutoSlideShow":false,"allowSlideshowCounter":false,"hoveringBehaviour":"APPEARS","thumbnailSize":120,"magicLayoutSeed":1,"imageHoverAnimation":"NO_EFFECT","calculateTextBoxHeightMode":"AUTOMATIC","textBoxHeight":0,"textImageSpace":10,"textBoxBorderRadius":0,"textBoxBorderWidth":0,"textsVerticalPadding":0,"textsHorizontalPadding":0,"titleDescriptionSpace":6,"customButtonText":"","customButtonBorderWidth":1,"customButtonBorderRadius":0,"loadMoreButtonText":"Load more","loadMoreButtonBorderWidth":1,"loadMoreButtonBorderRadius":0,"imageInfoType":"NO_BACKGROUND","itemBorderWidth":0,"itemBorderRadius":0,"itemEnableShadow":true,"itemShadowBlur":2,"itemShadowDirection":135,"itemShadowSize":2,"imageLoadingMode":"BLUR","expandAnimation":"NO_EFFECT","imageQuality":90,"usmToggle":false,"usm_a":0,"usm_r":0,"usm_t":0,"videoSound":false,"videoSpeed":1,"videoLoop":true,"gotStyleParams":true,"selectedLayout":"2|bottom|1|fill|true|0|1","showVideoPlayButton":true,"galleryImageRatio":2,"sharpParams":{"quality":90,"usm":{}},"imageLoadingWithColorMode":"PICKED_COLOR","imageRatioType":"FIXED","numberOfDisplayedItems":3,"itemBorderColor":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"itemShadowOpacityAndColor":{"themeName":"color_11","value":"rgba(47,46,46,0.2)"},"textBoxBorderColor":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"textBoxFillColor":{"themeName":"color_12","value":"rgba(96,94,94,1)"},"alwaysShowHover":false,"isStoreGallery":false,"previewHover":false,"galleryLayout":2,"galleryImageRatioFromWix":0.75,"itemOpacity":{"themeName":"color_15","value":"rgba(255,255,255,0.9)"},"itemFont":{"style":{"bold":true,"italic":false,"underline":false},"family":"verdana","preset":"Custom","editorKey":"font_6","size":17,"fontStyleParam":true,"value":"font:normal normal bold 17px/21px verdana,geneva,sans-serif;"},"itemFontSlideshow":{"family":"avenir-lt-w01_85-heavy1475544","displayName":"Basic Heading","style":{"bold":false,"italic":false,"underline":false},"size":22,"preset":"Heading-M","editorKey":"font_5","fontStyleParam":true,"value":"font:normal normal normal 22px/1.4em avenir-lt-w01_85-heavy1475544,sans-serif;"},"itemDescriptionFontSlideshow":{"family":"avenir-lt-w01_35-light1475496","displayName":"Paragraph 2","style":{"bold":false,"italic":false,"underline":false},"size":16,"preset":"Body-M","editorKey":"font_8","fontStyleParam":true,"value":"font:normal normal normal 16px/1.4em avenir-lt-w01_35-light1475496,sans-serif;"},"itemDescriptionFont":{"family":"avenir-lt-w01_35-light1475496","style":{"bold":false,"italic":false,"underline":false},"size":15,"preset":"Custom","editorKey":"font_9","fontStyleParam":true,"value":"font:normal normal normal 15px/18px avenir-lt-w01_35-light1475496,sans-serif;"},"itemFontColor":{"themeName":"color_11","value":"rgba(47,46,46,1)"},"itemFontColorSlideshow":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"itemDescriptionFontColor":{"themeName":"color_11","value":"rgba(47,46,46,1)"},"itemDescriptionFontColorSlideshow":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"loadMoreButtonFont":{"family":"avenir-lt-w01_35-light1475496","displayName":"Paragraph 2","style":{"bold":false,"italic":false,"underline":false},"size":16,"preset":"Body-M","editorKey":"font_8","fontStyleParam":true,"value":"font:normal normal normal 16px/1.4em avenir-lt-w01_35-light1475496,sans-serif;"},"loadMoreButtonFontColor":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"loadMoreButtonColor":{"themeName":"color_11","value":"rgba(47,46,46,1)"},"loadMoreButtonBorderColor":{"themeName":"color_15","value":"rgba(255,255,255,1)"},"arrowsColor":{"themeName":"color_11","value":"rgba(47,46,46,1)"},"oneColorAnimationColor":{"themeName":"color_11","value":"rgba(47,46,46,1)"},"isAccessible":false,"allowLeanGallery":false,"layoutsVersion":2,"selectedLayoutV2":2,"isSlideshowFont":false,"externalInfoHeight":0},"container":{"top":361,"bottom":"","left":100,"right":"","width":779,"height":3438,"position":"absolute","avoidGallerySelfMeasure":true,"galleryWidth":811,"galleryHeight":3438,"scrollBase":0}}
Top osquery Use Cases
Osquery for Incident Investigation
Breadth and completeness of data make osquery an ideal tool for incident investigation.
Osquery for Audit & Compliance
See how osquery can be used to help achieve SOC2, FedRAMP, PCI, CIS, and more.
Osquery for Linux Server Security
osquery offers a legitimate alternative to scripts and log forwarding for Linux server visibility and security.
Osquery for FIM
Cross-OS visibility and context-rich data like process id, process name, & user id make osquery ideal for FIM.
Osquery for Macs
osquery was purpose built for macOS visibility, config. compliance, and threat monitoring.
Get Tickets