Osquery for Security Analysis | NetworkDefense

Osquery for Security Analysis will teach you how to use Osquery to perform thorough investigations of hosts on your network. This isn’t just an Osquery tutorial; it’s a course designed to help you improve your host-based investigation skills using one of the best tools for the job.

You’ll learn:

How to craft SQL queries to interrogate Windows, Linux, and MacOS hosts
Common queries for performing software inventory and asset control
Strategies for interrogating processes to determine if they are malicious
Techniques for uncovering persistence and lateral movement
Triaging suspicious systems using high-value data tables
Hunting leveraging MITRE ATT&CK techniques
Complete deployment of distributed Osquery across your network using Kolide Fleet and ElasticStack
How to leverage differential queries to monitor state changes and generate alerts
Extending Osquery with extensions

Osquery for Security Analysis Includes:
Over 5 hours of demonstration videos. These videos will break down the concepts and skills you need to become adept at using Osquery and improve your host interrogation skills.

Hands-on labs to help you develop and test your skills. You’ll complete lab exercises by downloading compromised virtual machines and using Osquery to figure out what happened. You’ll also complete a final challenge using Kolide Fleet to investigate multiple systems in a real-world scenario.

Our Osquery investigation cheat sheet. We’ve picked our favorite queries and combined them into a quick reference cheat sheet. I keep mine in my desk drawer and use it all the time!

Participation in our student charitable profit sharing program. A few times a year we designate a portion of our proceeds for charitable causes. AND students get to take part in nominating charities that are important to them to receive these donations.



Скачать с облака. Download from the cloud