Abstract

Maintaining real-time insight into the current state of your infrastructure is important. Osquery exposes an operating system as a high-performance relational database. This design allows you to write SQL-based queries efficiently and easily to explore operating systems. With osquery, SQL tables represent the current state of operating system attributes, such as:
Running processes
Loaded kernel modules
Open network connections

SQL tables are implemented via an easily extendable API. Several tables already exist and more are being written.

The high-performance host monitoring daemon, osqueryd, allows you to schedule queries for execution across your infrastructure. The daemon takes care of aggregating the query results over time, and generates logs which indicate state changes in your infrastructure. You can use this to maintain insight into the security, performance, configuration and state of your entire infrastructure.

Speaker

varun4sec

Information Security Specialist with 2+ years of experience in securing organizations. From startups to MNCs, I have work experience at all scales of infrastructure. Ad hoc programmer and problem solver who has worked with major programming languages like Python and C#.
My strength is understanding the exact problem, and I feel that if we understand the problem, the solution is a single line. I call myself a problem solver and fast learner.
Also found some vulnerabilities in Indian Government web applications and informed them.

Timing

Starts on Saturday, November 23, 2019, at 09:30 AM. The session runs for 30 minutes.

Resources