From: eWeek
Facebook is adding query packs to the open-source osquery security framework that group together common sets of use cases for data analysis.
Facebook is enhancing its open-source osquery security framework with new features that make it easier for users to organize and gain insight from operating system information.
***
The incident-response query pack can also potentially help organizations identify privilege-escalation attacks. Marcos noted that, in order to escalate privileges, one has to perform actions or commands.
Leave a Reply