Co-hosts JD and Mat X talk with Tom and Dan from Snowflake about logging all the data. Everything! Osquery, FleetDM, and what do you do with 400TB of logs?
Hosts:
Mat X and JD
Guests:
Tom and Dan (Twitter)
https://twitter.com/Daniel_Infosec/status/1494722694922727424?s=20&t=bi5fUDt2q94RtGH1IiFh1w
Links:
Snowflake osquery Fleet magic (tlark GitHub blog post)
Munki (open source macOS software management)
Gorilla (Munki for Windows)
Acronyms:
SCIM (System for Cross-domain Identity Management)
RBAC (Role-based access control)
FIM (osquery file integrity monitoring)
Videos:
MDOYVR17 – Osquery and Streamalert – Sam Keeley
MDOYVR18 – QuickTalk – Henry Stamerjohann – How to get them SHAS