Security Spot

Using Facebook’s osquery for Monitoring and Response

Real-time visibility is key to completely understanding the current state of your IT infrastructure. In October 2014, Facebook made low-level operating system monitoring easier by releasing its endpoint and server security monitoring tool, osquery, as an open-source project. The project was developed to be operating-system agnostic: it can operate on Windows, Linux, and Apple OS X. By exposing collected data via Structured Query Language (SQL), a request for information on Windows works the same as it does on

Do More with Security Automation and Orchestration (SAO)

Security automation and orchestration has become a bit of a buzzword in the security space. And it *is* a silver bullet in terms of solving *certain* challenges. SAO helps a SecOps team realize a very quick return on investment by providing technology- and automation-enabled workflows that accelerate threat qualification and investigation capabilities.