Co-hosts JD and Mat X talk with Tom and Dan from Snowflake about logging all the data. Everything! Osquery, FleetDM, and what do you do with 400 TB of logs.
Hosts:
Mat X and JD
Guests:
Tom and Dan (Twitter)
Lol we have 200 TB of osquery data
— Daniel (@Daniel_Infosec) February 18, 2022
Links:
Snowflake osquery Fleet magic (tlark GitHub blog post)
Munki (open source macOS software management)
Gorilla (Munki for Windows)
Acronyms:
SCIM (System for Cross-domain Identity Management)
RBAC (Role-based access control)
FIM (File integrity monitoring, as implemented in osquery)
Videos:
MDOYVR17 – Osquery and Streamalert – Sam Keeley
MDOYVR18 – QuickTalk – Henry Stamerjohann – How to get them SHAS