
Osquery for Security Analysis will teach you how to use Osquery to perform thorough investigations of hosts on your network. This isn’t just an Osquery tutorial, it’s a course designed to help you improve your host-based investigation skills using one of the best tools for the job.
syllabus
- How to craft SQL queries to interrogate Windows, Linux, and MacOS hosts
- Common queries for performing software inventory and asset control
- Strategies for interrogating processes to determine if they are malicious
- Techniques for uncovering persistence and lateral movement
- Triaging suspicious systems using high-value data tables
- Hunting leveraging MITRE ATT&CK techniques
- Complete deployment of distributed Osquery across your network using FleetDM and ElasticStack
- How to leverage differential queries to monitor state changes and generate alerts
- Extending Osquery with extensions
Security Education
OffSec
iNE
Antisyphon
EC-Council
Applied Network Defense
Kaspersky
Sektor7
CompTIA
TCM Security
BlackHat
13Cubed
Dark Vortex
Enciphers
Forty North
Cyber warfare Labs
Maltrak
Scorpio Software
Security Onion
Zero Point Security
SentinelOne
Altered Security
SpecterOps
Pentester Academy
CQURE
PluralSight
StationX
Cybr
موسسههای دیگر