Learn how to deploy, configure, and use osquery to improve security by increasing visibility, detecting suspicious activity, and implementing features like File Integrity Monitoring, using this great cross-platform tool.
Understanding how to leverage the power of osquery to solve security problems can seem complicated.
In this course, Getting Started with osquery, you will gain the ability to not only install and configure osquery, but also to understand different aspects of using it in a real environment.
First, you'll learn how to install it on Linux and Windows.
Next, you'll discover how the power of SQL can be used with it to solve security problems, like identifying which processes are being executed where. You'll also use real-time events to monitor activity between scheduled query intervals and implement File Integrity Monitoring.
Finally, you'll explore how to plan for a real deployment of osquery, including the use of advanced options like TLS logging and extensions.
When you're finished with this course, you'll have the skills and knowledge of osquery needed to plan a deployment and start writing queries that will help you get answers to your most important endpoint security questions.
Software required: a Linux (Ubuntu, Debian, Red Hat or CentOS) system with the latest stable version of osquery.
Course Overview [Autogenerated]
Hi, everyone. My name is Guillaume Ross. Welcome to my course, Getting Started with osquery. I'm a principal security consultant at Caffeine Security and a principal product manager at Uptycs, a company that leverages the power of osquery for security analytics. osquery is a very powerful open source agent that can let you ask questions to your operating systems as if it were a virtual database. Thanks to this, you can ask your systems things like what processes are listening to network connections right now, or what user account executed the process netcat. In this course, we're going to install osquery on Linux and Windows, write simple queries and understand the osquery schema, join tables together to get more value out of the data and answer security concerns, and we'll review the advantages of different deployment models for osquery. By the end of this course, you'll know how to deploy osquery, write queries and query packs for it, and how to use it to solve security challenges like improving endpoint visibility, performing targeted threat hunting and implementing file integrity monitoring. Before beginning this course, you should be familiar with Linux and SSH. I hope you'll join me on this journey to learn osquery with the Getting Started with osquery course at Pluralsight.