Nearly two years after Facebook open sourced osquery, the social networking giant has made available an osquery developer kit for Windows, allowing security teams to build customized osquery solutions for Windows networks.
Osquery is an extremely popular operating system analysis tool for OS X and Linux. It exposes the OS as a high-performance relational database, and allows users to write SQL-based queries to explore OS data.
“With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes,” Facebook security engineer Nick Anderson noted in the announcement.
Full Article
